Platform
python
Component
nvidia/megatron-lm
Fixed in
0.13.2
CVE-2025-23348 describes a code injection vulnerability discovered in NVIDIA Megatron-LM, a framework for large language model training. This vulnerability allows attackers to inject malicious code via specially crafted data, potentially leading to severe consequences. The issue affects all versions of Megatron-LM prior to 0.13.1 and 0.12.3. A patch is available in version 0.13.1.
An attacker exploiting CVE-2025-23348 could execute arbitrary code within the context of the Megatron-LM process. This could lead to complete system compromise, including data exfiltration, modification, and denial of service. The potential for privilege escalation is significant, allowing an attacker to gain control over the underlying system. Given Megatron-LM's use in training large language models, the vulnerability could also be leveraged to poison training data, leading to biased or malicious model outputs. The blast radius extends to any system running a vulnerable version of Megatron-LM and processing attacker-controlled data.
CVE-2025-23348 was publicly disclosed on 2025-09-24. The vulnerability's impact, allowing code execution, aligns with high-risk vulnerabilities. No public proof-of-concept (PoC) code has been released at the time of this writing. It is not currently listed on the CISA KEV catalog. The likelihood of exploitation depends on the visibility of vulnerable deployments and the availability of exploit development resources.
Exploit Status
EPSS
0.02% (6% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-23348 is to upgrade to NVIDIA Megatron-LM version 0.13.1 or later. If upgrading immediately is not feasible, carefully scrutinize all input data provided to the pretrain_gpt script. Implement robust input validation and sanitization to prevent the injection of malicious code. Consider using a Web Application Firewall (WAF) to filter potentially malicious requests. Monitor system logs for unusual activity or code execution patterns. After upgrading, confirm the fix by attempting to reproduce the vulnerability with known malicious input and verifying that it is no longer exploitable.
Actualice NVIDIA Megatron-LM a la versión 0.13.1 o posterior. Esto corrige la vulnerabilidad de inyección de código en el script pretrain_gpt. Asegúrese de verificar la integridad de los datos utilizados por el script para evitar la ejecución de código malicioso.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-23348 is a code injection vulnerability in NVIDIA Megatron-LM versions prior to 0.13.1 and 0.12.3, allowing attackers to execute malicious code.
You are affected if you are using NVIDIA Megatron-LM versions prior to 0.13.1 or 0.12.3. Check your version and upgrade immediately.
Upgrade to NVIDIA Megatron-LM version 0.13.1 or later. Implement input validation as a temporary workaround.
No active exploitation has been confirmed at this time, but the vulnerability's severity warrants immediate attention.
Refer to the NVIDIA security bulletin for detailed information and updates: [https://www.nvidia.com/en-us/security/cve/CVE-2025-23348](https://www.nvidia.com/en-us/security/cve/CVE-2025-23348)
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your requirements.txt file and we'll tell you instantly if you're affected.