CVE-2025-33244

CRITICAL 9.0

CVSS Score

9.0

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, data tampering, and information disclosure.

CWE	CWE-502
Vendor	nvidia
Product	apex
Published	Mar 24, 2026
Last Updated	Mar 25, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia apex

Be the first to know when new critical vulnerabilities affecting nvidia apex are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

NVIDIA / Apex

All versions that do not include commit db8e053

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2025-33244 cve.org: https://www.cve.org/CVERecord?id=CVE-2025-33244 nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5782