NVIDIA NeMo Vulnerability Allows Remote Code Execution

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in NVIDIA's NeMo Framework, versions 0.0 through 2.7.2. The flaws comprise code injection, OS command injection, and unsafe deserialization, each enabling remote code execution, privilege escalation, information disclosure, and data tampering. Because the vulnerabilities require only low‑privileged local access, an attacker who gains a foothold on a shared training server can leverage them to execute arbitrary commands, compromise confidential AI models, and manipulate pipeline outputs. The impact spans loss of intellectual property, service disruption, and regulatory exposure for organizations that rely on NeMo for generative AI workloads.[emaillocker id="1283"]

• CVE-2026-24155 with a CVSS score of 7.8 – A code injection issue affecting all platforms; exploitation requires low‑privileged local access and can lead to arbitrary code execution, privilege escalation, data tampering, and information disclosure.
  • CVE-2026-24252 with a CVSS score of 7.8 – An OS command injection flaw on Linux; an attacker with a low‑privilege foothold can inject system commands, achieving code execution and further compromise.
  • CVE-2026-24228 with a CVSS score of 7.8 – Unsafe deserialization of untrusted data on Linux; triggers code execution under the same low‑privilege conditions, enabling privilege escalation and data manipulation.

These vulnerabilities collectively present a high‑severity risk to any organization running NeMo, as an attacker with minimal access can gain full control of AI training environments. Exploitation could result in loss of proprietary models, service outages, and compliance breaches, making rapid remediation essential.

RECOMMENDATION:

• We recommend you to update NVIDIA NeMo to version 2.7.3.

REFERENCES:

The following reports contain further technical details:
https://securityonline.info/nvidia-nemo-vulnerabilities/