555 matches found
Security Bulletin: NVIDIA NeMo Framework - December 2025
NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.5.3 or later from NVIDIA/NeMo Framework on NVIDIA GitHub and pypi. Go to NVIDIA Product Security...
django-daiquiri (>=1.3.0 <=1.3.1), django-jwt-allauth (>=1.0.3 <=1.2.0) +6 more potentially affected by CVE-2025-65431 via django-allauth (>=65.0.1 <=65.12.1)
django-allauth PYPI version =65.0.1, =1.3.0, =1.0.3, =0.3.8, =4.0.0, =3.11.3, =2.0.0, =1.1.1, =1.1.2 Source cves: CVE-2025-65431 Source advisory: SNYK:PYTHON-DJANGOALLAUTH-14425069...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2025-33201 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-33201 Source advisory:...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2025-33211 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-33211 Source advisory:...
CVE-2025-33203
NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service...
CVE-2025-33204
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...
CVE-2025-33205
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution...
EUVD-2025-199613
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution...
EUVD-2025-199611
NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service...
EUVD-2025-199609
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...
CVE-2025-33205
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution...
CVE-2025-33204
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...
CVE-2025-33205
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution...
CVE-2025-33204
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data...
CVE-2025-33203
NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service...
CVE-2025-33203
NVIDIA NeMo Agent Toolkit UI for Web is affected by a Server-Side Request Forgery in the chat API endpoint (likely /chat). The root cause is a vulnerability in the chat API that may allow an attacker to induce information disclosure and denial of service. Public documentation in connected sources...
CVE-2025-33203
NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service...
CVE-2025-33203
NVIDIA NeMo Agent Toolkit UI for Web contains a vulnerability in the chat API endpoint where an attacker may cause a Server-Side Request Forgery. A successful exploit of this vulnerability may lead to information disclosure and denial of service...
CVE-2025-33205
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution...
CVE-2025-33205
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution...