What is CVE-2025-33221?

CVE-2025-33221 is a medium-severity vulnerability in Nvidia Geforce, classified under Improper Input Validation. CVSS score: 4.4/10. Published 2026-05-26.

How severe is CVE-2025-33221?

Medium severity. CVSS v3 base score is 4.4 out of 10.

Improper input validation in Nvidia Geforce

CVE-2025-33221

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data t…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (0.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H.

Affected products

Nvidia Geforce — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Guest Driver — versions 595.58.03(All versions prior to and including vGPU 20.0), 580.126.09(All versions prior to and including vGPU 19.4), 535.288.01(All versions prior to and including vGPU 16.13)
Nvidia Rtx, Quadro, Nvs — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Rtx, Quadro, Nvs — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Tesla — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

Frequently asked questions

What is CVE-2025-33221?: CVE-2025-33221 is a medium-severity vulnerability in Nvidia Geforce, classified under Improper Input Validation. CVSS score: 4.4/10. Published 2026-05-26.
How severe is CVE-2025-33221?: Medium severity. CVSS v3 base score is 4.4 out of 10.