NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its popular TensorRT-LLM framework, urging all users to update to the latest version (0.18.2) to safeguard their systems against potential attacks.
Overview of the Vulnerability
The vulnerability, identified as CVE-2025-23254, affects all versions of the NVIDIA TensorRT-LLM framework before 0.18.2 across Windows, Linux, and macOS platforms.
| CVE ID | Affected Platforms | Affected Versions | Updated Version | Severity | Potential Impact |
| CVE-2025-23254 | Windows, Linux, macOS | All < 0.18.2 | 0.18.2 | High (8.8) | Code execution, info disclosure, data tampering |
The flaw resides in the Python executor component of TensorRT-LLM, specifically in its handling of Inter-Process Communication (IPC) where the Python pickle module is utilized for serialization and deserialization.
.png
)
This process, if improperly secured, can open the door for attackers with local access to execute arbitrary malicious code, tamper with data, or extract sensitive information.
The vulnerability scores a high 8.8 out of 10 on the Common Vulnerability Scoring System (CVSS v3.1), marking it as a high-severity threat.
The underlying technical risk is categorized under CWE‑502, which refers to “Deserialization of Untrusted Data.”
NVIDIA has responded by releasing a security update that enables HMAC (Hash-Based Message Authentication Code) encryption by default for the IPC channel in both main and release branches of TensorRT-LLM.
This enhancement ensures that all serialized communications are encrypted and authenticated, preventing unauthorized code execution.
While users can manually disable this feature by modifying source code parameters (setting use_hmac_encryption = False in the relevant Python files), NVIDIA strongly advises against it, as doing so reintroduces the vulnerability.
To stay protected:
- Update immediately to TensorRT-LLM version 0.18.2 or later from the official GitHub release page.
- If using earlier software branches, upgrade to the latest supported release.
The vulnerability was responsibly reported by Avi Lumelsky of Oligo Security. NVIDIA encourages users to visit the Product Security page for the latest security bulletins, updates, and to subscribe for notifications.
This security issue is critical for any organization or individuals deploying NVIDIA’s TensorRT-LLM framework in production or research environments.Â
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
 in its popular TensorRT-LLM framework.){kind=link}