NVIDIA BioNeMo Core Path Traversal Vulnerability Leading to Code Execution and Data Compromise

Vulnerability

A path traversal vulnerability has been identified in NVIDIA BioNeMo Core for Linux. This issue allows users to load malicious files, potentially leading to unauthorized code execution, denial of service, information disclosure, and data tampering. The vulnerability affects versions prior to a specific commit in the main branch.

Impact

Exploitation of this vulnerability could result in arbitrary code execution, a denial-of-service condition, unauthorized information disclosure, and unauthorized data modification.

Added: May 20, 2026, 9:02 PM

Updated: May 20, 2026, 9:02 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

4.2

remediation

0.0

relevance

8.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

4.2

remediation

0.0

relevance

8.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA BioNeMo Core Path Traversal Vulnerability Leading to Code Execution and Data Compromise

Vulnerability

Impact

Affected Products

NVIDIA BioNeMo Core

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating