High-Severity NVIDIA NeMo Framework Flaws Allow Code Injection and Privilege Escalation in AI Pipelines

NVIDIA has released an important security update for its NeMo Framework, addressing two high-severity vulnerabilities that expose AI developers and machine-learning pipelines to risks including arbitrary code execution, escalation of privileges, information disclosure, and data tampering.

The first vulnerability, CVE-2025-23361, affects a NeMo script that insufficiently validates attacker-controlled input.

As NVIDIA explains, “NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation.”

A successful exploit can result in multiple forms of compromise:

“A successful exploit… may lead to code execution, escalation of privileges, information disclosure, and data tampering.”

The vulnerability carries a CVSS base score of 7.8, indicating a high-severity local attack vector.

The second vulnerability, CVE-2025-33178, targets the BERT services component, where maliciously crafted data can trigger unsafe code injection.

NVIDIA writes, “NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection.”

Like the previous flaw, exploitation can lead to severe compromise:

“A successful exploit… may lead to code execution, escalation of privileges, information disclosure, and data tampering.”

Both vulnerabilities share the same CVSS score reflecting a high-impact local attack, particularly relevant in shared development machines, research clusters, and AI inference servers.

The advisory makes clear that the vulnerabilities impact all supported platforms, including Linux, Windows, cloud container images, and custom infrastructure built using NeMo.

NVIDIA confirms:

• Affected Versions: All versions prior to 2.5.0.
• Updated Version: 2.5.0.

Users should obtain the patched release from:

• GitHub:
• PyPI

Related Posts:

• NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution
• NVIDIA Issues Security Update for NeMo Framework: Multiple High-Severity Vulnerabilities Patched
• NVIDIA Warns of a High-Severity Flaw in NeMo AI Curator (CVE-2025-23307)
• Microsoft Introduces New Publish API to Enhance Security of Edge Extensions
• The Open Source Smart Watch Systems AsteroidOS 1.0 Release