CVE-2025-23266

Published Jul 17, 2025

Last updated a day ago

CVSS critical 9.0

Overview

Description
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.
Source
psirt@nvidia.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9
Impact score
6
Exploitability score
2.3
Vector string
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

psirt@nvidia.com
CWE-426

Social media

Hype score
Not currently trending

  1. NVIDIA Container ToolkitにNVIDIAScape脆弱性(CVE-2025-23266) ・ 悪意のあるコンテナが隔離を脱出し、ホストマシンへのルートアクセスを取得可能 ・ 悪用に必要なのは、たった3行のDockerfile ・ 個人だけでなく、GPUサー

    @taksasDESUYO

    18 Jul 2025

    136 Impressions

    0 Retweets

    7 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 ثغرة خطيرة تهدد بيئات الذكاء الاصطناعي السحابية كشفت شركة Wiz عن ثغرة أمنية حرجة في أداة NVIDIA Container Toolkit تحت الرقم CVE-2025-23266، وأطلقت عليها اسم NVIDIAScape، بتقيي

    @buhaimedi

    18 Jul 2025

    64 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  3. Critical Security Flaw Found in NVIDIA Container Toolkit A high-severity vulnerability (CVE-2025-23266), dubbed “NVIDIAScape,” has been discovered in the NVIDIA Container Toolkit, allowing attackers to escape containers and escalate privileges. The flaw affects all versions

    @roadtoasi

    18 Jul 2025

    48 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ Weekly vuln radar. https://t.co/Cd6L8AD6Bt – spot what’s trending before it’s everywhere: CVE-2025-29824 CVE-2025-6543 CVE-2025-20337 CVE-2025-6558 (via @_clem1) CVE-2025-49144 CVE-2025-24985 CVE-2025-20274 CVE-2025-23266 (via @nirohfeld @shirtamari) CVE-2021-41773

    @ptdbugs

    18 Jul 2025

    86 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. [CVE-2025-23266: CRITICAL] Vulnerability found in NVIDIA Container Toolkit allows attackers to execute arbitrary code with elevated permissions, potentially leading to privilege escalation and other cyber th...#cve,CVE-2025-23266,#cybersecurity https://t.co/NQCAbiFTYU https://t.c

    @CveFindCom

    17 Jul 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-23266 NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code wit… https://t.co/1R3mHpfyaB

    @CVEnew

    17 Jul 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. NVIDIAScape - NVIDIA AI Vulnerability (CVE-2025-23266) | Wiz Blog https://t.co/E8Itiht1xR

    @akaclandestine

    17 Jul 2025

    2140 Impressions

    10 Retweets

    33 Likes

    8 Bookmarks

    1 Reply

    1 Quote

  8. Warning: Critical vulnerability in #NVIDIA Container Toolkit. #CVE-2025-23266 CVSS: 9.0. Exploitation might lead to privilege escalation, info disclosure, tampering, or DoS. More info: https://t.co/PFtkVC6S1u #Patch #Patch #Patch

    @CCBalert

    17 Jul 2025

    26 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.