Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
NVIDIA NeMo Framework allows remote code execution
CVE-2025-33251
Summary
The NVIDIA NeMo Framework has a security weakness that lets an attacker take control of a system from a distance. This could allow them to disrupt or damage the system, steal sensitive information, or make unauthorized changes. Update the Framework to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| nvidia | nemo | <= 2.6.1 | – |
Original title
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, infor...
Original description
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
nvd CVSS3.1
7.8
Vulnerability type
CWE-94
Code Injection
- https://nvd.nist.gov/vuln/detail/CVE-2025-33251 US Government Resource VDB Entry
- https://nvidia.custhelp.com/app/answers/detail/a_id/5762 Vendor Advisory
- https://www.cve.org/CVERecord?id=CVE-2025-33251 Third Party Advisory
Published: 18 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026