CVE-2025-23264
published 2025-06-24CVE-2025-23264: NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | megatron-lm | < 0.12.1 | 0.12.1 |
| nvidia | megatron_lm | — | — |