Bounties
Partners
Community
Info
nvidia / nvidia-container-toolkit
Project repository
Build and run containers leveraging NVIDIA GPUs
Submit a report
FIRST INTERACTION
WITHIN
N/A DAYS
REVIEW
WITHIN
9 DAYS
FIX
WITHIN
N/A DAYS
Container Breakout & Host-Root Escalation via Config Path Resolution Flaw
Mar 5th 2026
orel-asper
•
duplicate
Critical
Container Escape via TOCTOU Race in CDI Hook Symlink Resolution
May 22nd 2026
wernerina
•
duplicate
High
Container Escape via Symlink Following in chmod CDI Hook. Host Filesystem permis...
May 13th 2026
venkatatadu
•
pending
Container Escape and Privilege Escalation via Malicious GPU Device Mounting
May 13th 2026
sebas5207418
•
pending
Arbitrary File Write and Path Traversal via Unsanitized CRIO_HOOKS_DIR / CRIO_HO...
Mar 5th 2026
makeeverythingwithai-sketch
•
duplicate
High
Unchecked ELF note lengths in `enable-cuda-compat` hook cause panic and containe...
Feb 8th 2026
makeeverythingwithai-sketch
•
self closed
Command Injection via Unescaped Shell Invocation — Complete Report & Fixes
Mar 2nd 2026
7908837174
•
pending
TOCTOU Race Condition in Device Node Creation Allows Arbitrary File Permission...
Mar 2nd 2026
lea75008
•
pending
Pre-start root code execution inside GPU containers via update-ldcache hook pivo...
Jan 10th 2026
itsbalvant
•
pending
Local YUM Repository Disabled by Default in entrypoint.sh Scripts for CentOS 8 a...
Nov 6th 2025
sanjay20m
•
pending
Improper Input Validation in nvidia-ctk config Allows Arbitrary Key Injection in...
Oct 17th 2025
bahaashawish1
•
pending
Arbitrary Host Binary Execution via Feature-Gated ldconfig Path in NVIDIA Contai...
Oct 15th 2025
darkeeeandme
•
pending
HTTP Request Smuggling via Go net/http in NVIDIA Container Toolkit (CVE‑2025‑228...
Sep 17th 2025
osama55-coder
•
pending
Privilege Escalation in NVIDIA Container Runtime Hook via Forged HookState and c...
Aug 1st 2025
michaelpierre
•
pending
CRITICAL
$0
HIGH
$0
MEDIUM
$0
LOW
$0
