NVIDIA Cuda Toolkit
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in NVIDIA Cuda Toolkit.
Recent NVIDIA Cuda Toolkit Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 5755 | Security Bulletin - CUDA Toolkit - January 2026 | January 20, 2026 |
| 5661 | Security Bulletin: NVIDIA CUDA Toolkit - September 2025 | September 23, 2025 |
| 5643 | Security Bulletin: NVIDIA CUDA Toolkit - May 2025 | May 27, 2025 |
| 5594 | Security Bulletin: NVIDIA CUDA Toolkit - January 2025 | February 18, 2025 |
By the Year
In 2026 there have been 4 vulnerabilities in NVIDIA Cuda Toolkit with an average score of 7.2 out of ten. Last year, in 2025 Cuda Toolkit had 22 security vulnerabilities published. Right now, Cuda Toolkit is on track to have less security vulnerabilities in 2026 than it did last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 3.54.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 4 | 7.15 |
| 2025 | 22 | 3.61 |
| 2024 | 9 | 5.25 |
| 2023 | 8 | 4.68 |
| 2022 | 1 | 4.40 |
It may take a day or so for new Cuda Toolkit vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NVIDIA Cuda Toolkit Security Vulnerabilities
NVIDIA Nsight Systems DLL Search Path Vulnerability (Windows)
CVE-2025-33231
6.7 - Medium
- January 20, 2026
NVIDIA Nsight Systems for Windows contains a vulnerability in the applications DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service and information disclosure.
DLL preloading
Nsight Systems Linux .run Installer OS Command Injection Escalation
CVE-2025-33230
7.3 - High
- January 20, 2026
NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. A successful exploit of this vulnerability might lead to escalation of privileges, code execution, data tampering, denial of service, and information disclosure.
Shell injection
NVIDIA Nsight Visual Studio Monitor RCE via local privilege escalation
CVE-2025-33229
7.3 - High
- January 20, 2026
NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, data tampering, denial of service, and information disclosure.
DLL preloading
Nsight Systems: OS Command Injection via process_nsys_rep_cli.py
CVE-2025-33228
7.3 - High
- January 20, 2026
NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure.
Shell injection
NVIDIA CUDA Toolkit cuobjdump NULL deref DoS
CVE-2025-23346
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service.
NULL Pointer Dereference
NVIDIA CUDA Toolkit nvdisasm OOB Read Partial DoS
CVE-2025-23340
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
Out-of-bounds Read
Stack-based Buffer Overflow in cuobjdump (CUDA Toolkit) Leading to Code Exec
CVE-2025-23339
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running cuobjdump.
Stack Overflow
CUDA Toolkit nvdisasm OOB Write DoS Vulnerability
CVE-2025-23338
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
out-of-bounds array index
NVDA CUDA Toolkit Heap Buffer Overflow in nvdisasm (CVE-2025-23308)
CVE-2025-23308
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level of the user running nvdisasm.
Heap-based Buffer Overflow
CUDA Toolkit nvJPEG Local Auth OOB Write via Image Dimensions
CVE-2025-23275
4.2 - Medium
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure.
Memory Corruption
NVIDIA nvJPEG: JPEG OOB Read via Integer Overflow
CVE-2025-23274
4.5 - Medium
- September 24, 2025
NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service.
Out-of-bounds Read
nvJPEG Divide-by-Zero DoS in NVIDIA CUDA Toolkit
CVE-2025-23273
2.5 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service.
Divide By Zero
Out-of-Bounds Read in NVIDIA nvJPEG via Malformed JPEG (CVE-2025-23272)
CVE-2025-23272
5.7 - Medium
- September 24, 2025
NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service.
Out-of-bounds Read
OOB Read in NVIDIA CUDA Toolkit nvdisasm
CVE-2025-23271
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
Out-of-bounds Read
CUDA Toolkit cuobjdump OOB Read Leading to Partial DoS
CVE-2025-23255
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.
Out-of-bounds Read
OOB READ IN NVIDIA CUDA Toolkit nvdisasm
CVE-2025-23248
3.3 - Low
- September 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump Length Check Bypass leads to Arbitrary Code Exec
CVE-2025-23247
- May 27, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.
length manipulation
OOB read in NVIDIA CUDA nvdisasm binary
CVE-2024-53871
- February 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump OOB Read in ELF Partial DoS
CVE-2024-53872
- February 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Out-of-bounds Read
OOB Read in NVIDIA CUDA Toolkit cuobjdump Binary
CVE-2024-53873
- February 25, 2025
NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump OOB Read Vulnerability
CVE-2024-53874
- February 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Out-of-bounds Read
Out-of-Bounds Read in NVIDIA CUDA Toolkit cuobjdump Binary
CVE-2024-53875
- February 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Out-of-bounds Read
CUDA Toolkit cuobjdump OOB Read via Malformed ELF
CVE-2024-53870
- February 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Out-of-bounds Read
NVIDIA CUDA Toolkit nvdisasm NULL Pointer Denial of Service Vulnerability
CVE-2024-53877
- February 25, 2025
NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service.
NULL Pointer Dereference
CUDA Toolkit `cuobjdump` ELF Crash Denial of Service
CVE-2024-53878
- February 25, 2025
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Improper Validation of Specified Quantity in Input
cuobjdump Crash in NVIDIA CUDA Toolkit (CVE-2024-53879)
CVE-2024-53879
- February 25, 2025
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service.
Improper Validation of Specified Quantity in Input
CUDA Toolkit nvdisasm Improper Input Validation Allows DoS
CVE-2024-0123
- October 03, 2024
NVIDIA CUDA toolkit for Windows and Linux contains a vulnerability in the nvdisasm command line tool where an attacker may cause an improper validation in input issue by tricking the user into running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
Improper Validation of Specified Index, Position, or Offset in Input
CUDA Toolkit nvdisasm Freed-Memory DoS via Malformed ELF in nvdisam
CVE-2024-0124
- October 03, 2024
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause nvdisasm to read freed memory by running it on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
Dangling pointer
CUDA nvdisam NULL Deref: Potential DoS
CVE-2024-0125
- October 03, 2024
NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where a user can cause a NULL pointer dereference by running nvdisasm on a malformed ELF file. A successful exploit of this vulnerability might lead to a limited denial of service.
NULL Pointer Dereference
CUDA Toolkit cuobjdump ELF Crash Denial of Service Exploit
CVE-2024-0111
4.4 - Medium
- August 31, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
Improper Validation of Specified Quantity in Input
CUDA Toolkit cuobjdump OOB Read via Malformed ELF Leading to Unprivileged DoS
CVE-2024-0109
3.3 - Low
- August 31, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
Out-of-bounds Read
NV CUDA Toolkit cuobjdump OOB Write via Malformed ELF leads to Code Exec
CVE-2024-0110
7.8 - High
- August 31, 2024
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
Memory Corruption
NVDisasm OOB Read in NVIDIA CUDA Toolkit
CVE-2024-0102
5.5 - Medium
- August 08, 2024
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump/nvdisasm DOS via Malformed ELF
CVE-2024-0076
- April 05, 2024
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
CUDA Toolkit cuobjdump/nvdisasm Crash via Malformed ELF (Partial DoS)
CVE-2024-0072
- April 05, 2024
NVIDIA CUDA toolkit for all platforms contains a vulnerability in cuobjdump and nvdisasm where an attacker may cause a crash by tricking a user into reading a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
NVIDIA CUDA Toolkit nvdisasm NULL Pointer Deref in ELF
CVE-2023-25523
3.3 - Low
- July 04, 2023
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.
NULL Pointer Dereference
Out-of-Bounds Read in NVIDIA CUDA Cuobjdump -> DoS & Info Leak
CVE-2023-25513
6.6 - Medium
- April 22, 2023
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump OOB Read Vulnerability
CVE-2023-25512
6.6 - Medium
- April 22, 2023
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump Division-by-Zero Crash Leading to DoS
CVE-2023-25511
3.3 - Low
- April 22, 2023
NVIDIA CUDA Toolkit for Linux and Windows contains a vulnerability in cuobjdump, where a division-by-zero error may enable a user to cause a crash, which may lead to a limited denial of service.
Divide By Zero
NVIDIA CUDA Toolkit cuobjdump NULLPtr Deref DoS
CVE-2023-25510
3.3 - Low
- April 22, 2023
NVIDIA CUDA Toolkit SDK for Linux and Windows contains a NULL pointer dereference in cuobjdump, where a local user running the tool against a malformed binary may cause a limited denial of service.
NULL Pointer Dereference
NVIDIA CUDA Toolkit cuobjdump OOB Read Allowing DoS / RCE
CVE-2023-25514
6.6 - Medium
- April 22, 2023
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure.
Out-of-bounds Read
CUOBJDUMP OOB Read in NVIDIA CUDA Toolkit SDK Local DoS & Info Leak
CVE-2023-0193
4.4 - Medium
- March 10, 2023
NVIDIA CUDA Toolkit SDK contains a vulnerability in cuobjdump, where a local user running the tool against a malicious binary may cause an out-of-bounds read, which may result in a limited denial of service and limited information disclosure.
Out-of-bounds Read
NVIDIA CUDA Toolkit cuobjdump Null Pointer Deref DoS
CVE-2023-0196
3.3 - Low
- March 02, 2023
NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local user running the tool against an ill-formed binary may cause a null- pointer dereference, which may result in a limited denial of service.
NULL Pointer Dereference
NVIDIA CUDA Toolkit cuobjdump Stack Buffer Overflow (CVE-2022-34667)
CVE-2022-34667
4.4 - Medium
- November 19, 2022
NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for NVIDIA Cuda Toolkit or by NVIDIA? Click the Watch button to subscribe.
