Code Injection Vulnerability in NVIDIA Isaac-GR00T Product
CVE-2025-33184

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Nvidia Isaac-gr00t N1.5
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-33184?

The NVIDIA Isaac-GR00T for all platforms contains a security flaw within its Python component, enabling attackers to perform code injection. If successfully exploited, this vulnerability may allow unauthorized code execution, leading to escalation of privileges and potential information disclosure or data tampering. Organizations utilizing this software should take immediate action to mitigate risks associated with this vulnerability.

Affected Version(s)

NVIDIA Isaac-GR00T N1.5 All All versions that do not include code commit 7f53666

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33184

https://www.cve.org/CVERecord?id=CVE-2025-33184

https://nvidia.custhelp.com/app/answers/detail/a_id/5725

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
Apr 15, 2025

JSON

Nvidia

What is CVE-2025-33184?

Affected Version(s)

References

CVSS V3.1

Timeline