Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services

Cybersecurity researchers have disclosed a critical container escape vulnerability in theNVIDIA Container Toolkitthat could pose a severe threat to managed AI cloud services. The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamedNVIDIAScapeby Google-owned cloud security company Wiz. "NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions," NVIDIAsaidin an advisory for the bug. "A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial-of-service." The shortcoming impacts all versions of NVIDIA Container Toolkit up to and including 1.17.7 and NVIDIA GPU Operator up to and including 25.3.0. It has been addressed by the GPU maker in versions 1.17.8 and 25.3.1, respectively. The NVIDIA Container Toolkit refers to a collection of l...