NVIDIA APEX for Linux Deserialization Vulnerability (PyTorch < 2.6)
CVE-2025-33244 Published on March 24, 2026

NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, data tampering, and information disclosure.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2025-33244 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.

Affected Versions

NVIDIA Apex Version All versions that do not include commit db8e053 is affected by CVE-2025-33244

Exploit Probability

EPSS

0.04%

Percentile

10.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

NVIDIA APEX for Linux Deserialization Vulnerability (PyTorch < 2.6)CVE-2025-33244 Published on March 24, 2026

Vulnerability Analysis

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Affected Versions

Exploit Probability

NVIDIA APEX for Linux Deserialization Vulnerability (PyTorch < 2.6)
CVE-2025-33244 Published on March 24, 2026