CVE-2025-23266

9.0 CRITICAL
Published: July 17, 2025 Modified: April 15, 2026
View on NVD

Description

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://nvidia.custhelp.com/app/answers/detail/a_id/5659
Source: psirt@nvidia.com
https://kidbomb.github.io/posts/nvidia-container-escape-cve-2025-23266-part-2/
Source: af854a3a-2127-422b-91ae-364da2661108
https://kidbomb.github.io/posts/nvidia-container-escape-cve-2025-23266/
Source: af854a3a-2127-422b-91ae-364da2661108
https://news.ycombinator.com/item?id=44818412
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.wiz.io/blog/nvidia-ai-vulnerability-cve-2025-23266-nvidiascape
Source: af854a3a-2127-422b-91ae-364da2661108

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
9.0 / 10.0
EPSS (Exploit Probability)
0.1%
21th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-426

Related CVEs

CVE-2026-6573 6.3
CVE-2026-6572 5.6
CVE-2026-6571 6.3
CVE-2026-6570 2.7
CVE-2026-6569 7.3