Data Validation Issues in NVIDIA TensorRT-LLM Server
CVE-2025-23254

8.8HIGH

Key Information:

Vendor: Nvidia
Status: Tensorrt-llm
Vendor: CVE Published:; 1 May 2025

Badges

📰 News Worthy

What is CVE-2025-23254?

NVIDIA TensorRT-LLM for any platform has a security vulnerability in the Python executor component that allows local attackers to manipulate data validation processes. Exploitation of this flaw may enable unauthorized code execution, potentially leading to information disclosure and data modification, thereby jeopardizing the integrity and confidentiality of the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TensorRT-LLM Windows All versions prior to 0.18.2

News Articles

GBHackers News

CVE-2025-23254

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its popular TensorRT-LLM framework.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5648

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

📰
First article discovered by GBHackers News
May 2, 2025
Vulnerability published
May 1, 2025
Vulnerability Reserved
Jan 14, 2025

JSON

Nvidia

Badges

What is CVE-2025-23254?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

News Articles

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.