NVIDIA (Merlin) Products January 2026 Security Update Advisory
Overview
NVIDIA(https://www.nvidia.com) has released a security update that addresses a vulnerability in products it has been made. users of affected products are advised to update to the latest version.
Affected Products
CUDA Toolkit All versions up to CUDA Toolkit 13.1
Merlin All versions that do not include commit 27ddd49
Resolved Vulnerabilities
In NVIDIA Nsight Visual Studio for Windows, an attacker can execute arbitrary code with the same privileges as the nvidia nsight visual studio edition monitor application. a successful exploit of this vulnerability results in a data manipulation vulnerability due to a flaw in the nvidia nsight visual studio edition monitor application (CVE-2025-33229, CVSS 7.3) [1]
Vulnerability Patches
The following product-specific Vulnerability Patches were made available in the January 20, 2026 update. For more information on Vulnerability Patches, please refer to the “Security Updates” section of the product-specific Referenced Sites documentation.
CUDA Toolkit CUDA Toolkit version 13.1
Merlin Any code branch that includes commit 27ddd49 version
Referenced Sites
[1] NVIDIA CUDA Toolkit – January 2026
https://nvidia.custhelp.com/app/answers/detail/a_id/5755
[2] NVIDIA Merlin – January 2026