VYPR

Nemo

by Nvidia

Source repositories

CVEs (8)

  • CVE-2026-24228HigJun 16, 2026
    risk 0.51cvss 7.8epss 0.00

    NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure.

  • CVE-2026-24155HigJun 16, 2026
    risk 0.51cvss 7.8epss 0.00

    NVIDIA NeMo Framework for all platforms contains a code injection vulnerability. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

  • CVE-2025-33226Dec 16, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

  • CVE-2025-33212Dec 16, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges,…

  • CVE-2025-33205Nov 25, 2025
    risk 0.00cvss epss 0.00

    NVIDIA NeMo framework contains a vulnerability in a predefined variable, where an attacker could cause inclusion of functionality from an untrusted control sphere by use of a predefined variable. A successful exploit of this vulnerability may lead to code execution.

  • CVE-2025-23304Aug 13, 2025
    risk 0.00cvss epss 0.01

    NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and…

  • CVE-2024-0129Oct 15, 2024
    risk 0.00cvss epss 0.00

    NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.

  • CVE-2024-0081Apr 5, 2024
    risk 0.00cvss epss 0.01

    NVIDIA NeMo framework for Ubuntu contains a vulnerability in tools/asr_webapp where an attacker may cause an allocation of resources without limits or throttling. A successful exploit of this vulnerability may lead to a server-side denial of service.