CVE-2025-33220

Published: Jan 28, 2026

Modified: Feb 26, 2026

PUBLISHED

CVSS v3.1

7.8

HIGH

Description

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.

Vendor	Product	Versions
NVIDIA	GeForce	affected `All driver versions prior to 590.48.01`
NVIDIA	GeForce	affected `All driver versions prior to 580.126.09`
NVIDIA	GeForce	affected `All driver versions prior to 570.211.01`
NVIDIA	GeForce	affected `All driver versions prior to 535.288.01`
NVIDIA	RTX PRO, RTX, Quadro	affected `All driver versions prior to 590.48.01`
NVIDIA	RTX PRO, RTX, Quadro	affected `All driver versions prior to 580.126.09`
NVIDIA	RTX PRO, RTX, Quadro	affected `All driver versions prior to 570.211.01`
NVIDIA	RTX PRO, RTX, Quadro	affected `All driver versions prior to 535.288.01`
NVIDIA	Tesla	affected `All driver versions prior to 590.48.01`
NVIDIA	Tesla	affected `All driver versions prior to 580.126.09`
NVIDIA	Tesla	affected `All driver versions prior to 570.211.01`
NVIDIA	Tesla	affected `All driver versions prior to 535.288.01`
NVIDIA	Virtual GPU Manager	affected `580.105.06(All versions prior to and including vGPU software 19.3)`
NVIDIA	Virtual GPU Manager	affected `570.195.02(All versions prior to and including vGPU software 18.5)`
NVIDIA	Virtual GPU Manager	affected `535.274.03(All versions prior to and including vGPU software 16.13)`