VDB
AZL-65648
AZL-65648
PUBLISHED
CVSS 9.300000190734863 CRITICAL
CVE-2025-23266 affecting package nvidia-container-toolkit for versions less than 1.17.8-1
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Azure Linux:3 | nvidia-container-toolkit | 0 |
Exploit Intelligence
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc-repo)
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc)
- CVE-2025-23266 – Fully Weaponized NVIDIA Container Toolkit Exploit (github-poc-repo)
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc-repo)
- Original security research into container boundary weaknesses. Published: OCI hook privilege escalation in rootless Podman deployments (CVE-2025-23266). (github-poc)
- CVE-2025-23266 targets FastAPI’s parse_request() function, where oversized HTTP headers cause a buffer overflow and remote code execution. The article explains how attackers can escape container boundaries, compromise AI workloads, and how tools like Sentinel can detect and mitigate the threat (github-poc)
- cve-2025-23266-migration-bypass (github-poc)
- CVE-2025-23266 – Fully Weaponized NVIDIA Container Toolkit Exploit (github-poc)
- PoC for NVIDIAScape bug (github-poc)
- vul.go (github-poc)
…and 8 more exploits
Timeline
- Jul 17, 2025 CVE Published
- Apr 21, 2026 CVE Updated