NVIDIA Merlin Vulnerabilities Allows Malicious Code Execution and DoS Attacks

[Shane1145]

NVIDIA has released urgent security patches for its Merlin machine learning framework after discovering two high-severity deserialization vulnerabilities that could enable attackers to execute malicious code, trigger denial-of-service attacks, and compromise sensitive data on Linux systems.

The security bulletin, published on December 9, 2025, identifies critical flaws in the NVTabular and Transformers4Rec components of NVIDIA Merlin, a widely used open-source framework for building large-scale recommender systems.


https://gbhackers.com/nvidia-merlin-vulnerabilities/