~/products/nvidia/bionemo_framework

pipeline liveDigest Docs

Nvidia Bionemo Framework vulnerabilities

4 known vulnerabilities affecting nvidia/bionemo_framework.

Total CVEs

4

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1HIGH3

Vulnerabilities

Page 1 of 1

CVE-2026-24216HIGHCVSS 7.8fixed in 2026-04-03fixed in commit dfd83a7 in Main2026-05-20

CVE-2026-24216 [HIGH] CWE-502 CVE-2026-24216: NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untr NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.

CVE-2026-24217HIGHCVSS 8.8fixed in 2026-04-03fixed in commit dfd83a7 on main2026-05-20

CVE-2026-24217 [HIGH] CWE-29 CVE-2026-24217: NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.

CVE-2026-24164CRITICALCVSS 9.8fixed in 2026-01-21vAll versions that do not include commit f2c2b142026-03-31

CVE-2026-24164 [CRITICAL] CWE-502 CVE-2026-24164: NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.

CVE-2026-24165HIGHCVSS 8.8fixed in 2026-01-21vAll versions that do not include commit e5e58c82026-03-31

CVE-2026-24165 [HIGH] CWE-502 CVE-2026-24165: NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.