VYPR
High severity · CVSS 7.8 · NVD Advisory · Published Aug 13, 2025 · Updated Apr 15, 2026

CVE-2025-23298

Description

NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability in a Python dependency, where an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

NVIDIA Merlin Transformers4Rec contains a code injection vulnerability in one of its Python dependencies; a successful exploit can lead to code execution, privilege escalation, information disclosure, and data tampering.

Vulnerability

Overview

NVIDIA Merlin Transformers4Rec contains a vulnerability in a Python dependency that allows code injection.[1] The issue affects all platforms.[1] NVIDIA's description does not name the dependency or the injection path, so whether a given installation is exposed depends on the version of that dependency actually installed alongside Transformers4Rec, not only on the Transformers4Rec version itself. An attacker able to get crafted input processed by the vulnerable component can inject arbitrary code through the dependency.[1]

Exploitation

Details

Exploitation requires the attacker to influence the data processed by the Transformers4Rec library, for example through crafted input data or through another system that feeds data into the library. The 7.8 score is consistent with a local attack vector: the attacker needs the ability to place crafted input where the library will read it on the host running the vulnerable software. A service that accepts model artefacts or training data from remote users effectively grants those users that local access, so network-reachable deployments should not treat the local vector as a safeguard. No explicit user interaction is required to trigger the vulnerability.

Impact

Successful exploitation can lead to arbitrary code execution, escalation of privileges, information disclosure, and data tampering. The full impact depends on the privileges of the process running Transformers4Rec, but the combination of code execution and privilege escalation indicates a high-severity risk to the confidentiality, integrity, and availability of the affected system.

Mitigation

As of the publication date (2025-08-13), this page records no patch details or workarounds from NVIDIA. Users should monitor NVIDIA's official security bulletins for updates, identify which versions of Transformers4Rec and its dependencies are installed, and restrict who can supply input data to systems running the affected library. Running training and inference jobs under a low-privilege account limits what a successful code injection can reach. The vulnerability is rated high severity with a CVSS v3 base score of 7.8.
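Because the advisory locates the flaw in an unnamed Python dependency rather than in Transformers4Rec itself, the first practical step is to enumerate the dependency surface of the installed package so that the affected component can be recognised and pinned once NVIDIA names it. The script below is an added example, not code from this page or from NVIDIA; it uses only the standard library (importlib.metadata) and assumes the distribution is installed under the name transformers4rec (the name and the hypothetical helper names are assumptions, and the requirement strings in the docstrings are constructed examples). It reports missing dependencies as MISSING instead of silently skipping them.

```python
"""Enumerate the transitive Python dependency surface of an installed
distribution (default: transformers4rec) so that a vulnerable dependency
can be located and pinned. Standard library only.

Added example for this advisory page; not NVIDIA's or the page's own code.
The distribution name 'transformers4rec' is an assumption.
"""
import re
import sys
from importlib import metadata

# Captures the distribution name at the start of a PEP 508 requirement
# string such as "torch>=1.10.0; extra == 'gpu'" or "numpy (>=1.20)".
_NAME_RE = re.compile(r"^\s*([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)")


def normalize(name: str) -> str:
    """PEP 503 normalisation so 'Transformers4Rec' and 'transformers4rec'
    refer to the same distribution."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirement(req: str) -> tuple:
    """Return (normalised name, is_extra) for one requirement string.
    Requirements guarded by an 'extra == ...' marker are optional and are
    only installed when that extra was requested at install time."""
    m = _NAME_RE.match(req)
    if not m:
        raise ValueError(f"cannot parse requirement: {req!r}")
    marker = req.split(";", 1)[1] if ";" in req else ""
    return normalize(m.group(1)), "extra" in marker


def installed_version(name: str):
    """Version string of an installed distribution, or None if absent."""
    try:
        return metadata.version(name)
    except metadata.PackageNotFoundError:
        return None


def walk_dependencies(root: str, include_extras: bool = False):
    """Breadth-first walk of the installed dependency graph below `root`.

    Returns {normalised name: version or None}, or None if `root` itself
    is not installed. A dependency that is declared but not installed maps
    to None so the gap is visible rather than skipped.
    """
    if installed_version(root) is None:
        return None
    seen = {}
    queue = [normalize(root)]
    while queue:
        name = queue.pop(0)
        if name in seen:
            continue
        seen[name] = installed_version(name)
        if seen[name] is None:
            continue  # not installed, so it has no metadata to walk
        for req in metadata.requires(name) or []:
            dep, is_extra = parse_requirement(req)
            if is_extra and not include_extras:
                continue
            if dep not in seen:
                queue.append(dep)
    return seen


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "transformers4rec"
    deps = walk_dependencies(root)
    if deps is None:
        print(f"{root} is not installed in this environment")
        sys.exit(1)
    for name, ver in sorted(deps.items()):
        print(f"{name:40s} {ver or 'MISSING'}")
```

Run it inside the environment that actually executes Transformers4Rec (a container image or virtualenv), not on a workstation, because the vulnerable dependency is whatever that environment resolved at install time. Pass `include_extras=True` if the package was installed with extras such as GPU support, since those pull in additional dependencies.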

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0 (no patches discovered yet)

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References: 3

News mentions: 1