CVE-2025-33204
published 2025-11-25CVE-2025-33204: NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | cbl2_sysstat_12.7.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| nvidia | nemo | < 2.5.1 | 2.5.1 |
| nvidia | nemo_framework | — | — |