Lucene search
+L

563 matches found

Nvidia
Nvidia
added 2026/03/24 12:0 a.m.10 views

Security Bulletin: NVIDIA NeMo Framework - March 2026

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.6.2 or later from NVIDIA/NeMo Framework on NVIDIA GitHub or pypi. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilitie...

9.8CVSS6.1AI score0.00641EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.7 views

PT-2026-27514

Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework affected versions not specified Description The NVIDIA NeMo Framework has a flaw that could allow an attacker to trigger remote code execution. Successful exploitation of this issue may result in code execution, privilege...

9.8CVSS7.1AI score0.00641EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.9 views

PT-2026-27512

Name of the Vulnerable Software and Affected Versions NVIDIA NeMo Framework affected versions not specified Description The NVIDIA NeMo Framework has a flaw in how it loads checkpoints, potentially allowing a remote attacker to execute code. Exploitation of this issue could result in code...

9.8CVSS7.1AI score0.00641EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33246

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,...

7.8CVSS5.7AI score0.00919EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33253

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

7.8CVSS6.5AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33251

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

7.8CVSS6.1AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33241

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS6.5AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.11 views

CVE-2025-33249

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, a...

7.8CVSS5.7AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.10 views

CVE-2025-33236

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS5.7AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33245

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

8.8CVSS6.1AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.7 views

CVE-2025-33252

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

7.8CVSS6.1AI score0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33243

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS6.5AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.8 views

CVE-2025-33250

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

7.8CVSS6.1AI score0.00219EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/02/18 3:31 p.m.10 views

fast-whisper-diarizer (>=0.1.2 <=0.1.32), faster-whisper-hotkey (>=0.2.7 <=0.4.3) +14 more potentially affected by CVE-2025-33253 via nemo-toolkit (>=1.23.0 <=2.5.3)

nemo-toolkit PYPI version =1.23.0, =0.1.2, =0.2.7, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.3, =0.0.4 - wavlmmsdd =1.0.0 and more Source cves: CVE-2025-33253 Source advisory: OSV:GHSA-HVJW-VP7G-39H5...

7.8CVSS5.7AI score0.00187EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/18 3:31 p.m.7 views

fast-whisper-diarizer (>=0.1.2 <=0.1.32), faster-whisper-hotkey (>=0.2.7 <=0.4.3) +9 more potentially affected by CVE-2025-33253 via nemo-toolkit (>=2.0.0rc0 <=2.5.3)

nemo-toolkit PYPI version =2.0.0rc0, =0.1.2, =0.2.7, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.0, =1.0.7 Source cves: CVE-2025-33253 Source advisory: SNYK:PYTHON-NEMOTOOLKIT-15325663...

7.8CVSS5.7AI score0.00187EPSS
Exploits0
Snyk
Snyk
added 2026/02/18 3:31 p.m.5 views

Deserialization of Untrusted Data

Overview nemo-toolkit is a NeMo - a toolkit for Conversational AI Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserialization process in the receivegenerateinfo function of audiotextgenerationutils.py. An attacker can execute arbitrary code, cause...

8.5CVSS6.1AI score0.00187EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/18 3:31 p.m.8 views

NVIDIA NeMo Framework Deserializes Untrusted Data

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

7.8CVSS6.5AI score0.00187EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/18 3:31 p.m.5 views

GHSA-HVJW-VP7G-39H5 NVIDIA NeMo Framework Deserializes Untrusted Data

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

7.8CVSS6.4AI score0.00187EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/02/18 3:31 p.m.3 views

fast-whisper-diarizer (>=0.1.2 <=0.1.32), faster-whisper-hotkey (>=0.2.7 <=0.4.3) +14 more potentially affected by CVE-2025-33245 via nemo-toolkit (>=1.23.0 <=2.5.3)

nemo-toolkit PYPI version =1.23.0, =0.1.2, =0.2.7, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.3, =0.0.4 - wavlmmsdd =1.0.0 and more Source cves: CVE-2025-33245 Source advisory: OSV:GHSA-9379-MWVR-7WXX...

8.8CVSS5.7AI score0.00521EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/18 3:31 p.m.3 views

fast-whisper-diarizer (>=0.1.2 <=0.1.32), faster-whisper-hotkey (>=0.2.7 <=0.4.3) +9 more potentially affected by CVE-2025-33245 via nemo-toolkit (>=2.0.0rc0 <=2.5.3)

nemo-toolkit PYPI version =2.0.0rc0, =0.1.2, =0.2.7, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =1.0.0, =1.0.7 Source cves: CVE-2025-33245 Source advisory: SNYK:PYTHON-NEMOTOOLKIT-15325666...

8.8CVSS5.7AI score0.00521EPSS
Exploits0
Rows per page
Query Builder