Platform
python
Component
megatron-lm
Fixed in
0.12.3
CVE-2025-23305 describes a code injection vulnerability found within the tools component of NVIDIA Megatron-LM. Successful exploitation could allow an attacker to execute arbitrary code, potentially leading to significant data compromise and system control. This vulnerability impacts all versions of Megatron-LM prior to 0.12.2. A patch has been released in version 0.12.2.
The code injection vulnerability in NVIDIA Megatron-LM allows an attacker to inject and execute malicious code within the affected system. This could manifest in several ways, including gaining unauthorized access to sensitive data, modifying system configurations, or even taking complete control of the machine. The potential for privilege escalation is significant, allowing an attacker to move laterally within the network if the Megatron-LM instance has sufficient permissions. The blast radius extends to any data processed or stored by the Megatron-LM instance, potentially impacting machine learning models, training datasets, and associated infrastructure. While no direct precedent exists for this specific vulnerability, code injection vulnerabilities generally carry a high risk profile due to their potential for widespread impact.
CVE-2025-23305 was publicly disclosed on 2025-08-13. The EPSS score is currently pending evaluation. No public proof-of-concept (PoC) code has been released at the time of writing. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.03% (7% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-23305 is to immediately upgrade NVIDIA Megatron-LM to version 0.12.2 or later. If upgrading is not immediately feasible due to compatibility concerns or testing requirements, consider implementing stricter input validation and sanitization within the tools component to prevent malicious code from being injected. Review and restrict access permissions for the Megatron-LM instance to limit the potential impact of a successful exploit. Network segmentation can also help contain the blast radius. There are no specific WAF or proxy rules that can directly address this vulnerability, as it stems from code execution within the application itself.
Actualice NVIDIA Megatron-LM a la versión 0.12.2 o posterior. Esto corregirá la vulnerabilidad de inyección de código en el componente de herramientas. La actualización mitigará el riesgo de ejecución de código, escalada de privilegios, divulgación de información y manipulación de datos.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-23305 is a code injection vulnerability affecting NVIDIA Megatron-LM versions before 0.12.2. It allows attackers to execute arbitrary code, potentially leading to data compromise and system control.
You are affected if you are using NVIDIA Megatron-LM versions prior to 0.12.2. Check your installed version and upgrade immediately if vulnerable.
Upgrade to NVIDIA Megatron-LM version 0.12.2 or later to resolve the vulnerability. If immediate upgrade isn't possible, implement stricter input validation and restrict access permissions.
No active exploitation has been confirmed at this time, but the vulnerability is considered HIGH severity and should be addressed promptly.
Refer to the NVIDIA security bulletin for detailed information and updates regarding CVE-2025-23305: [https://nvidia.github.io/security-bulletins/](https://nvidia.github.io/security-bulletins/)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.