CVE-2025-33205
HIGHDescription
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution.
Is your site exposed to CVE-2025-33205?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| nvidia | nemo |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-33205? +
How severe is CVE-2025-33205? +
What products are affected by CVE-2025-33205? +
How do I check if I'm vulnerable to CVE-2025-33205? +
Related Vulnerabilities
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those …
A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input …
conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the …
Collabora Online is a collaborative online office suite based on LibreOffice. Macro support is disabled by default in Collabora Online, …
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an …
An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. …