CVE-2025-33226NVD

Vulnerability Summary

NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

Severity Level

HIGH(7.8)

Published Date

Dec 16, 2025

Last Modified

Jan 9, 2026

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-502: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

ScopeUnchanged

ConfidentialityHigh

IntegrityHigh

AvailabilityHigh

External References

https://nvd.nist.gov/vuln/detail/CVE-2025-33226
https://nvidia.custhelp.com/app/answers/detail/a_id/5736
https://www.cve.org/CVERecord?id=CVE-2025-33226