Skip to main content

Nemo

25 CVEs product

Monthly

CVE-2025-33253 PyPI HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33252 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33251 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33250 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-33249 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33246 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. [CVSS 7.8 HIGH]

Privilege Escalation Command Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33245 PyPI HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 8.0 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
8.0
EPSS
0.3%
CVE-2025-33243 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33241 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-33236 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure AI / ML Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33205 HIGH This Week

NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Nemo
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-33204 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia Code Injection Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33178 HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia Code Injection Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23361 HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia Code Injection Nemo +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23315 HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection Information Disclosure Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23314 HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection Information Disclosure Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23313 HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection Information Disclosure Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23312 HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection Information Disclosure Nemo
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23304 HIGH This Week

NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Path Traversal Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-23303 HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Deserialization Nvidia Nemo
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2025-23251 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Nvidia Nemo
NVD
CVSS 3.1
7.6
EPSS
0.5%
CVE-2025-23250 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia RCE Path Traversal Nemo
NVD
CVSS 3.1
7.6
EPSS
0.4%
CVE-2025-23249 HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia RCE Deserialization Nemo
NVD
CVSS 3.1
7.6
EPSS
1.4%
CVE-2024-0129 HIGH This Week

NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Nvidia Nemo
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-0081 PyPI HIGH This Week

NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Ubuntu Nemo
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Denial Of Service Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. [CVSS 7.8 HIGH]

Privilege Escalation Command Injection Information Disclosure +2
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 8.0 HIGH]

RCE Privilege Escalation Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

RCE Privilege Escalation Information Disclosure +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure +2
NVD
EPSS 0% CVSS 7.3
HIGH This Week

NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Nemo
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure RCE Nvidia +3
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Code Injection +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Nvidia Path Traversal +1
NVD
EPSS 2% CVSS 7.8
HIGH This Week

NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Deserialization Nvidia +1
NVD
EPSS 0% CVSS 7.6
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Nvidia +1
NVD
EPSS 0% CVSS 7.6
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia RCE Path Traversal +1
NVD
EPSS 1% CVSS 7.6
HIGH This Week

NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia RCE Deserialization +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Path Traversal Nvidia +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nvidia Denial Of Service Ubuntu +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy