CVE-2025-23266 CRITICAL

CVE-2025-23266

Vendor Nvidia
Product Container Toolkit
Weakness CWE-426
Published July 17, 2025
Last update February 26, 2026

CVSS base score

9.0/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.

Key dates

02Disclosure timeline

July 17, 2025 CVE published
February 26, 2026 Record updated