Nvidia tells users to update GPU drivers now or face possible attack — here's what we know

The majority of the flaws are labeled as “high-severity”, which is why Nvidia urged its users to apply the fixes without delay.

In a newly released security advisory, Nvidia said it fixed bugs in GeForce, RTX, Quadro, Tesla, and NVS product lines, as well as its vGPU and Cloud Gaming software.

How to patch up

The biggest vulnerability to be fixed is a “use-after-free” memory flaw, now tracked as CVE-2026-24187. With a severity of 8.8/10 (high), this bug allows threat actors to execute arbitrary code, steal data, escalate privileges, and even crash entire systems.

Several other high-severity vulnerabilities allow malicious actors to do similar things, from code execution to privilege escalation, and from data tampering to information disclosure.

One affects both Windows and Linux systems through improper access to GPU resources in the kernel layer, while another targets Windows specifically through a timing flaw that could be exploited to manipulate system operations.

Among the fixed flaws are two in Nvidia’s Unified Virtual Memory subsystem on Linux, which could lead to denial-of-service attacks without the need for elevated permissions. Nvidia's vGPU software, used in virtualized and cloud environments, also received patches for two vulnerabilities in the virtual GPU manager component.

Users can now download the updated drivers either through the Nvidia Driver Downloads page, or through the Nvidia Licensing Portal, depending on which products they’re running. Windows users should look for the driver version 569.49 and newer, while those running Linux, version 590.48.01.

Besides making sure the software is patched, users should also always keep their Windows Defender (or other antivirus programs) up and running at all times.

The company credited several external security researchers for responsibly reporting the flaws, including researchers from Seoul National University and Binarly Research Team.