CVE-2025-33180

HIGH 8.0

CVSS Score

8.0

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could inject a command. A successful exploit of this vulnerability might lead to escalation of privileges.

CWE	CWE-77
Vendor	nvidia
Product	cumulus linux ga
Published	Feb 24, 2026
Last Updated	Feb 24, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia cumulus linux ga

Be the first to know when new high vulnerabilities affecting nvidia cumulus linux ga are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

NVIDIA / Cumulus Linux GA

All versions prior to 5.14 (5.13.x, 5.12.x, and older GA versions)

NVIDIA / Cumulus Linux LTS

All versions prior to 5.11.4

NVIDIA / Cumulus Linux LTS

All versions prior to 5.9.4

NVIDIA / NVOS

All versions prior to 1.3 - 25.02.244

NVIDIA / NVOS

All versions prior to 25.02.4282

NVIDIA / NVOS

All versions prior to 25.02.5030

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2025-33180 cve.org: https://www.cve.org/CVERecord?id=CVE-2025-33180 nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5722