CVE-2026-0481_CVE-2026-0481

9.2 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Description

Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability

AI Analysis

Unrestricted IP address binding vulnerability in AMD Device Metrics Exporter allowing remote attackers to perform unauthorized changes to GPU configuration

Basic Information

ID CVE-2026-0481

Source AMD

Published May 15, 2026 at 03:04

Affected Product

Vendor AMD

Product AMD Instinct™ MI210

Version DME v1.4.1.2 and v1.4.0.1

CWE Classification

CWE-1327

AI Assessment

AI Score 9.2 / 10

AI Severity Critical

Vendor AMD

Product AMD Device Metrics Exporter

Version DME v1.4.1.2, DME v1.4.0.1

References

www.amd.com /en/resources/product-security/bulletin/AMD-SB-6031.html

{
    "lastseen": "",
    "description": "Unrestricted IP address binding in the AMD Device Metrics Exporter (ROCm ecosystem) could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability",
    "published": "2026-05-15T03:04:56.312Z",
    "modified": "2026-05-15T03:04:56.312Z",
    "type": "cve",
    "title": "CVE-2026-0481",
    "source": "AMD",
    "references": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6031.html",
    "id": "CVE-2026-0481",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1327"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.2,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AMD Instinct\u2122 MI210",
    "version": "DME v1.4.1.2 and v1.4.0.1",
    "vendor": "AMD",
    "ai_description": "Unrestricted IP address binding vulnerability in AMD Device Metrics Exporter allowing remote attackers to perform unauthorized changes to GPU configuration",
    "ai_severity": "Critical",
    "ai_vendor": "AMD",
    "ai_product": "AMD Device Metrics Exporter",
    "ai_version": "DME v1.4.1.2, DME v1.4.0.1",
    "ai_score": 9.2
}