Bionemo Framework
by Nvidia
CVEs (30)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-24217 | Hig | 0.57 | 8.8 | 0.01 | May 20, 2026 | NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2026-24164 | Hig | 0.57 | 8.8 | 0.00 | Mar 31, 2026 | NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2026-24165 | Hig | 0.51 | 7.8 | 0.00 | Mar 31, 2026 | NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||
| CVE-2026-24159 | 0.00 | — | 0.01 | Mar 24, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering. | |||
| CVE-2026-24157 | 0.00 | — | 0.01 | Mar 24, 2026 | NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering. | |||
| CVE-2025-33253 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and… | |||
| CVE-2025-33252 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | |||
| CVE-2025-33251 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | |||
| CVE-2025-33250 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | |||
| CVE-2025-33249 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,… | |||
| CVE-2025-33246 | 0.00 | — | 0.01 | Feb 18, 2026 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A successful exploit of this vulnerability might lead to code execution,… | |||
| CVE-2025-33245 | 0.00 | — | 0.01 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-33243 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-33241 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-33236 | 0.00 | — | 0.00 | Feb 18, 2026 | NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-33226 | 0.00 | — | 0.00 | Dec 16, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | |||
| CVE-2025-33212 | 0.00 | — | 0.00 | Dec 16, 2025 | NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,… | |||
| CVE-2025-33205 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution. | |||
| CVE-2025-33204 | 0.00 | — | 0.00 | Nov 25, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information… | |||
| CVE-2025-33178 | 0.00 | — | 0.00 | Nov 11, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information… |
- risk 0.57cvss 8.8epss 0.01
NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- risk 0.57cvss 8.8epss 0.00
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- risk 0.51cvss 7.8epss 0.00
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- CVE-2026-24159Mar 24, 2026risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.
- CVE-2026-24157Mar 24, 2026risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.
- CVE-2025-33253Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and…
- CVE-2025-33252Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- CVE-2025-33251Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- CVE-2025-33250Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
- CVE-2025-33249Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…
- CVE-2025-33246Feb 18, 2026risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A successful exploit of this vulnerability might lead to code execution,…
- CVE-2025-33245Feb 18, 2026risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-33243Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-33241Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-33236Feb 18, 2026risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-33226Dec 16, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
- CVE-2025-33212Dec 16, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…
- CVE-2025-33205Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution.
- CVE-2025-33204Nov 25, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP and LLM components, where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information…
- CVE-2025-33178Nov 11, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to Code execution, Escalation of privileges, Information…
Page 1 of 2