Critical NVIDIA Container Toolkit Flaw CVE-2025-23266 with CVSS 9.0 Affects 37% of Cloud; Broadcom Patches VMware Flaws

A critical vulnerability has been discovered in the NVIDIA Container Toolkit, identified as CVE-2025-23266, which allows attackers to escalate privileges and hijack AI containers with minimal code—just three lines. This flaw carries a CVSS score of 9.0 and affects approximately 37% of cloud environments, posing risks of full server takeover and theft of AI models. The issue has raised concerns about security in AI cloud services. Separately, Broadcom has released patches addressing critical VMware vulnerabilities that were exploited at the Pwn2Own Berlin 2025 hacking competition. Additionally, firmware vulnerabilities continue to affect the supply chain, and nearly 2,000 MCP servers have been reported to have no security protections, highlighting ongoing cybersecurity challenges in enterprise and cloud infrastructure.