NVIDIA has released a critical update for NVIDIA® NeMo Curator to address a high-severity code injection vulnerability.
Users are urged to download and install the latest Curator release from the NVIDIA NeMo GitHub repository and review detailed guidance on the NVIDIA Product Security portal.
Vulnerability Details
A newly disclosed vulnerability, tracked as CVE-2025-23307, affects all platforms supported by NVIDIA NeMo Curator.
An attacker who crafts a malicious file and tricks the Curator environment into processing it could achieve remote code execution, privilege escalation, unauthorized disclosure of sensitive information, or data tampering.
The vulnerability stems from insufficient validation of user-supplied inputs before dynamic code evaluation (CWE-94).
Under the CVSS v3.1 assessment, this flaw carries a base score of 7.8, reflecting its high impact and relatively low exploitation complexity (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
- Attack Vector: Local file manipulation
- Privileges Required: Low
- User Interaction: None
- Impact: High on confidentiality, integrity, and availability
NVIDIA’s risk assessment aggregates data from diverse deployments and may not fully represent the risk profile of every environment.
Administrators should evaluate the update’s urgency relative to their specific configurations and threat models.
Security Updates
To mitigate CVE-2025-23307, NVIDIA has published Curator version 25.07, which includes input sanitization and stricter evaluation controls.
All previous versions—across Windows, Linux, and macOS—are vulnerable. Users on older branch releases should upgrade to the latest branch to ensure continued protection.
| CVE ID | Affected Product | Platform | Affected Versions | Updated Version |
|---|---|---|---|---|
| CVE-2025-23307 | NVIDIA NeMo Curator | Windows, Linux, macOS | All versions prior to 25.07 | 25.07 |
Acknowledgements:
NVIDIA thanks D.K. for reporting CVE-2025-23307 and working with the NVIDIA Product Security Incident Response Team (PSIRT) to validate the fix.