This page lists publicly disclosed CVE vulnerabilities affecting nvidia megatron-lm (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-24152 | NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2026-03-24 | 2026-03-25 |
| CVE-2026-24151 | NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2026-03-24 | 2026-03-25 |
| CVE-2026-24150 | NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2026-03-24 | 2026-03-25 |
| CVE-2025-33248 | NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2026-03-24 | 2026-03-25 |
| CVE-2025-33247 | NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.32% | 2026-03-24 | 2026-03-25 |
| CVE-2025-23354 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2025-09-24 | 2025-10-10 |
| CVE-2025-23353 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2025-09-24 | 2025-10-10 |
| CVE-2025-23349 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2025-09-24 | 2025-10-10 |
| CVE-2025-23348 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.21% | 2025-09-24 | 2025-10-10 |
| CVE-2025-23306 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/ arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.19% | 2025-08-13 | 2025-09-19 |
| CVE-2025-23305 | NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.8 | 0.19% | 2025-08-13 | 2025-09-19 |
| CVE-2025-23265 | NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering. | [email protected] | 7.8 | 0.27% | 2025-06-24 | 2025-10-01 |
| CVE-2025-23264 | NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by providing a malicious file. A successful exploit of this vulnerability may lead to Code Execution, Escalation of Privileges, Information Disclosure and Data Tampering. | [email protected] | 7.8 | 0.27% | 2025-06-24 | 2025-10-01 |