CVE-2025-33248
published 2026-03-24CVE-2025-33248: NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nvidia | megatron-lm | < 0.15.3 | 0.15.3 |
| nvidia | megatron_lm | — | — |