555 matches found
GHSA-X746-7M8F-X49C vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, nemo...
GHSA-WQP7-X3PW-XC5R vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, nemo...
CVE-2026-48818 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, nemo...
CVE-2026-48817 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, nemo...
CVE-2026-24155
NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2026-24228
NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...
EUVD-2026-37130
NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure...
CVE-2026-24228
NVIDIA NeMo Framework for Linux contains a vulnerability where deserialization of untrusted data may lead to code execution, privilege escalation, data tampering, and information disclosure. The connected NVIDIA security bulletin confirms affected product: NVIDIA NeMo Framework for Linux, with af...
CVE-2026-24155
NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2026-24155
CVE-2026-24155 affects NVIDIA NeMo Framework for all platforms, described as a code injection vulnerability (CWE-94) that can lead to code execution, privilege escalation, information disclosure, and data tampering. The NVIDIA security bulletin states that CVE-2026-24155 is addressed by updating ...
EUVD-2026-37129
NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
PT-2026-49725
Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework affected versions not specified Description NVIDIA NeMo Framework contains a code injection flaw. A successful exploit could lead to arbitrary code execution, escalation of privileges, information disclosure, and data...
PT-2026-49726
Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework for Linux affected versions not specified Description An issue exists where an attacker may cause deserialization of untrusted data. Deserialization is the process of converting a data stream back into an object. A...
Security Bulletin: NVIDIA NeMo - June 2026
NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.7.3 or later from the NVIDIA-NeMo/NeMo GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this...
CVE-2025-3000 vulnerabilities
Vulnerabilities for packages: py3-torch-cuda-13.2, py3-torch-cuda-13.3, nemo, py3-torch-cuda-13.0, py3-torch-cuda-12.9, py3-torch-cuda-12.4, py3-torch-cuda-12.6, py3-torch-cuda-13.1, py3-torch-cuda-12.8...
GHSA-RRMF-RVHW-RF47 vulnerabilities
Vulnerabilities for packages: py3-torch-cuda-13.2, py3-torch-cuda-13.3, nemo, py3-torch-cuda-13.0, py3-torch-cuda-12.9, py3-torch-cuda-12.4, py3-torch-cuda-12.6, py3-torch-cuda-13.1, py3-torch-cuda-12.8...
Malicious Package
Overview nemo-reporter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in nemo-reporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42a43ec0a345170ad191fa1c25bdd4000595aa8ce733c6b9c69de6b65a1defb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4836 Malicious code in nemo-reporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42a43ec0a345170ad191fa1c25bdd4000595aa8ce733c6b9c69de6b65a1defb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @not-nemo/crypto-tracker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...