关键信息 CVE-2025-33250 Detail CVE Id: CVE-2025-33250 NVD Published Date: 02/18/2026 NVD Last Modified: 02/20/2026 Source: NVIDIA Corporation Description NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. Metrics CVSS Version 3.x: - Base Score: 7.8 HIGH - Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Weakness Enumeration CWE-ID: CWE-94 CWE Name: Improper Control of Generation of Code ('Code Injection') Known Affected Software Configurations Configuration 1: - CPE: cpe:2.3:a:nvidia:nemo:::::::: - Version: Up to (excluding) 2.6.1 References to Advisories, Solutions, and Tools External Links: - NVD Detail Page - NVIDIA Advisory - CVE Record