CVE-2025-33230 HIGH

CVE-2025-33230

Vendor Nvidia
Product CUDA Toolkit
Weakness CWE-78
Published January 20, 2026
Last update February 26, 2026

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. A successful exploit of this vulnerability might lead to escalation of privileges, code execution, data tampering, denial of service, and information disclosure.

Key dates

02Disclosure timeline

January 20, 2026 CVE published
February 26, 2026 Record updated