Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
NVIDIA NeMo Framework: Unauthenticated Code Execution Risk
CVE-2025-33252
Summary
The NVIDIA NeMo Framework has a security flaw that allows an attacker to run malicious code remotely, potentially leading to data corruption, system crashes, or unauthorized access. This could happen if an attacker sends malicious input to the affected system. To protect your systems, update the NVIDIA NeMo Framework to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| nvidia | nemo | <= 2.6.1 | – |
Original title
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, infor...
Original description
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
nvd CVSS3.1
7.8
Vulnerability type
CWE-502
Deserialization of Untrusted Data
- https://nvd.nist.gov/vuln/detail/CVE-2025-33252 US Government Resource VDB Entry
- https://nvidia.custhelp.com/app/answers/detail/a_id/5762 Vendor Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-33252 Third Party Advisory
Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026