8.8
CVE-2025-33245
- EPSS 0.52%
- Veröffentlicht 18.02.2026 14:16:03
- Zuletzt bearbeitet 20.02.2026 19:42:12
- Quelle psirt@nvidia.com
- CVE-Watchlists
- Unerledigt
NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.4 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| psirt@nvidia.com | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-502 Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://nvidia.custhelp.com/app/answers/detail/a_id/5762
https://nvd.nist.gov/vuln/detail/CVE-2025-33245
https://www.cve.org/CVERecord?id=CVE-2025-33245