CVE-2025-33212NVD

Vulnerability Summary

NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering.

Severity Level

HIGH(7.3)

Published Date

Dec 16, 2025

Last Modified

Jan 9, 2026

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-502: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionRequired

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://nvd.nist.gov/vuln/detail/CVE-2025-33212
https://nvidia.custhelp.com/app/answers/detail/a_id/5736
https://www.cve.org/CVERecord?id=CVE-2025-33212