CVE-2025-33205
published 2025-11-25CVE-2025-33205: NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control…
high7.3CVSS 3.1
AVLACLPRLUIRSUCHIHAH
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | nemo | < 2.5.1 | 2.5.1 |
| nvidia | nemo_framework | — | — |