Nvidia Megatron-Lm vulnerabilities
15 known vulnerabilities affecting nvidia/megatron-lm.
Total CVEs
15
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH15
Vulnerabilities
Page 1 of 1
CVE-2025-33247HIGHCVSS 7.8fixed in 0.15.32026-03-24
CVE-2025-33247 [HIGH] CWE-502 CVE-2025-33247: NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow
NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
nvd
CVE-2026-24150HIGHCVSS 7.8fixed in 0.15.32026-03-24
CVE-2026-24150 [HIGH] CWE-502 CVE-2026-24150: NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE
NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
nvd
CVE-2025-33248HIGHCVSS 7.8fixed in 0.15.32026-03-24
CVE-2025-33248 [HIGH] CWE-502 CVE-2025-33248: NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may ca
NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
nvd
CVE-2026-24151HIGHCVSS 7.8fixed in 0.15.32026-03-24
CVE-2026-24151 [HIGH] CWE-502 CVE-2026-24151: NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by con
NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
nvd
CVE-2026-24152HIGHCVSS 7.8fixed in 0.15.32026-03-24
CVE-2026-24152 [HIGH] CWE-502 CVE-2026-24152: NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE
NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
nvd
CVE-2026-24149HIGHCVSS 7.8fixed in 0.14.02026-02-03
CVE-2026-24149 [HIGH] CWE-94 CVE-2026-24149: NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data crea
NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering.
cvelistv5nvd
CVE-2025-23357HIGHCVSS 7.8vAll versions prior to 0.14.02025-11-11
CVE-2025-23357 [HIGH] CWE-94 CVE-2025-23357: NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data crea
NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering.
cvelistv5nvd
CVE-2025-23353HIGHCVSS 7.8fixed in 0.12.3v0.13.0+1 more2025-09-24
CVE-2025-23353 [HIGH] CWE-94 CVE-2025-23353: NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where
NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data tampering.
cvelistv5nvd
CVE-2025-23349HIGHCVSS 7.8fixed in 0.12.3v0.13.0+1 more2025-09-24
CVE-2025-23349 [HIGH] CWE-94 CVE-2025-23349: NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py c
NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
cvelistv5nvd
CVE-2025-23354HIGHCVSS 7.8fixed in 0.12.3v0.13.0+1 more2025-09-24
CVE-2025-23354 [HIGH] CWE-94 CVE-2025-23354: NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where
NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data tampering.
cvelistv5nvd
CVE-2025-23348HIGHCVSS 7.8fixed in 0.12.3v0.13.0+1 more2025-09-24
CVE-2025-23348 [HIGH] CWE-94 CVE-2025-23348: NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where mali
NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
cvelistv5nvd
CVE-2025-23306HIGHCVSS 7.8fixed in 0.12.2vAll versions prior to 0.12.22025-08-13
CVE-2025-23306 [HIGH] CWE-94 CVE-2025-23306: NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/
arguments.py
NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/
arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
cvelistv5nvd
CVE-2025-23305HIGHCVSS 7.8fixed in 0.12.2vAll versions prior to 0.12.22025-08-13
CVE-2025-23305 [HIGH] CWE-94 CVE-2025-23305: NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attac
NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
cvelistv5nvd
CVE-2025-23265HIGHCVSS 7.8fixed in 0.12.12025-06-24
CVE-2025-23265 [HIGH] CWE-94 CVE-2025-23265: NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacke
NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering.
nvd
CVE-2025-23264HIGHCVSS 7.8fixed in 0.12.12025-06-24
CVE-2025-23264 [HIGH] CWE-94 CVE-2025-23264: NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacke
NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering.
nvd