### Critical Vulnerability Information - **CVE Identifier:** CVE-2025-33243 - **Published Date:** 2026-02-18 - **Updated Date:** 2026-02-18 - **Vendor:** NVIDIA - **Product:** NeMo Framework - **Affected Versions:** All versions prior to 2.6.1 - **Platforms:** All platforms - **CWE:** CWE-502: Deserialization of Untrusted Data - **CVSS Score:** 7.8 (High) - **CVSS Vector String:** CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - **Description:** NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. - **References:** - https://nvd.nist.gov/vuln/detail/CVE-2025-33243 - https://www.cve.org/CVERecord?id=CVE-2025-33243 - https://nvidia.custhelp.com/app/answers/detail/a_id/5762