NVIDIA Product Security Update Advisory

Aug 28 2025

Overview

We have released a security update to fix vulnerabilities in NVIDIA products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-23312, CVE-2025-23313, CVE-2025-23314, CVE-2025-23315

NVIDIA NeMo Framework Version: 2.4.0 and earlier

Resolved Vulnerabilities

Code Injection Vulnerability in the retrieval services component in NVIDIA NeMo Framework (CVE-2025-23312)
Code Injection Vulnerability in the NLP Component in NVIDIA NeMo Framework (CVE-2025-23313)
Code Injection Vulnerability in the NLP Component of the NVIDIA NeMo Framework (CVE-2025-23314)
Code Injection Vulnerability in the export and deploy components of the NVIDIA NeMo Framework (CVE-2025-23315)

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-23312, CVE-2025-23313, CVE-2025-23314, CVE-2025-23315

NVIDIA NeMo Framework Version: 2.4.0

References

[1] Security Bulletin: NVIDIA NeMo Framework – August 2025
https://nvidia.custhelp.com/app/answers/detail/a_id/5689

NVIDIA Product Security Update Advisory

IBM Product Security Update Advisory

Google Chrome browser (139.0.7258.154/.155) Security Update Advisory

Tags:

IBM Product Security Update Advisory

Google Chrome browser (139.0.7258.154/.155) Security Update Advisory