CVE-2025-33178
published 2025-11-11CVE-2025-33178: NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information disclosure, and Data tampering.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | nemo | < 2.5.0 | 2.5.0 |
| nvidia | nemo_framework | — | — |