Bionemo Framework
by Nvidia
CVEs (30)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-23361 | 0.00 | — | 0.00 | Nov 11, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23315 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,… | |||
| CVE-2025-23314 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23313 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information… | |||
| CVE-2025-23312 | 0.00 | — | 0.00 | Aug 26, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,… | |||
| CVE-2025-23303 | 0.00 | — | 0.01 | Aug 13, 2025 | NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. | |||
| CVE-2025-23251 | 0.00 | — | 0.01 | Apr 22, 2025 | NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. | |||
| CVE-2025-23250 | 0.00 | — | 0.01 | Apr 22, 2025 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. A successful exploit of this vulnerability might lead to code execution and data tampering. | |||
| CVE-2025-23249 | 0.00 | — | 0.01 | Apr 22, 2025 | NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering. | |||
| CVE-2025-23360 | 0.00 | — | 0.00 | Mar 11, 2025 | NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering. |
- CVE-2025-23361Nov 11, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information…
- CVE-2025-23315Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…
- CVE-2025-23314Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…
- CVE-2025-23313Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information…
- CVE-2025-23312Aug 26, 2025risk 0.00cvss —epss 0.00
NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…
- CVE-2025-23303Aug 13, 2025risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
- CVE-2025-23251Apr 22, 2025risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
- CVE-2025-23250Apr 22, 2025risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary file write. A successful exploit of this vulnerability might lead to code execution and data tampering.
- CVE-2025-23249Apr 22, 2025risk 0.00cvss —epss 0.01
NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
- CVE-2025-23360Mar 11, 2025risk 0.00cvss —epss 0.00
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution and data tampering.
Page 2 of 2