CVE-2025-33206 PUBLISHED

Assigner: nvidia
Reserved: 15.04.2025 Published: 14.01.2026 Updated: 26.02.2026

NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Score: 7.8

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	High
User Interaction	Required	Availability Impact	High

CVSS 3.1

Product Status

Vendor	NVIDIA
Product	NSIGHT Graphics
Versions	Default: unaffected Version All versions prior to NSIGHT Graphics 2025.5 is affected

References

https://nvd.nist.gov/vuln/detail/CVE-2025-33206
https://www.cve.org/CVERecord?id=CVE-2025-33206
https://nvidia.custhelp.com/app/answers/detail/a_id/5738

Problem Types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE

Impacts

Code execution, escalation of privileges, data tampering, denial of service