CVE ID: CVE-2025-33230 Publish Date and Last Modified: - Published Date: 2026-01-02 - Last Modified: 2026-01-02 Description: In the .run installer for NVIDIA Nsight Systems for Linux, there exists a vulnerability that allows any attacker who provides a malicious installation path to inject OS commands, potentially leading to privilege escalation, code execution, data tampering, service denial, or information leakage. CVSS 3.x Severity and Vector Strings: - Base Score:7.3 (High Risk) - Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H References: Links to various resources and tools provided by NVIDIA Corporation. Weakness Enumeration: COWE-78: Improper Neutralization of Special Elements in OS Command ('OS Command Injection') Change History: There is one record of changes, which can be viewed in detail.