Key Findings NVIDIA has issued critical security updates for its Merlin framework, addressing high-severity vulnerabilities (CVSS 8.8) in two key components: NVTabular and Transformers4Rec. The vulnerabilities stem from unsafe deserialization, which could allow attackers to execute malicious code, tamper with data, or cause denial of service in AI recommendation pipelines. The first flaw (CVE-2025-33214) affects the Workflow component of NVTabular, a feature engineering libra
