CVE-2025-33246
published 2026-02-18CVE-2025-33246: NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, or information disclosure.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | nemo | < 2.6.1 | 2.6.1 |
| nvidia | nemo_framework | — | — |