Is this page helpful?

Release Notes#

This page lists changes, fixes, and known issues for the NIM LLM Production Branch version 6 (PB6) release.

Important

PB releases (indicated by the -pb tag) provide stable, secure AI frameworks and SDKs for mission-critical applications. Refer to NVIDIA AI Enterprise Release Branches for more details.

Release 2.0.4-pb6#

NIM LLM 2.0.4-pb6 is the NVIDIA AI Enterprise Production Branch 6 (PB6) release of NIM LLM. This release uses the standard NIM LLM 2.0.4 documentation set as its baseline and adds PB-specific release information on this page.

Unless a PB-specific update is listed here, the standard 2.0.4 release notes apply.

Highlights#

The following updates are specific to the 2.0.4-pb6 documentation set:

  • Updated the Support Matrix with the PB6 model-free and model-specific NIMs.

  • Clarified that PB releases provide stable and secure NVIDIA AI Enterprise release branches for mission-critical deployments.

  • Updated OpenShift SecurityContextConstraints (SCC) guidance for restricted-v2 and restricted-v3.

  • Added guidance for PB6 air-gapped deployments, including runtime cache and telemetry control environment variables.

Security Alerts#

This release includes the following security alerts:

  • CVE-2026-42311 (Pillow 12.1.1): For vision language model (VLM) deployments, do not allow untrusted image sources with multimodal serving.

  • CVE-2026-44222 (vLLM 0.17.1): Do not allow untrusted client input with multimodal serving.

  • CVE-2026-27893 (vLLM 0.17.1): Do not load VLMs from untrusted sources. Some VLMs (for example, Kimi-K2.5 and NemotronVL) automatically enable remote code execution.

Bug Fixes#

No PB-specific known issues are documented as fixed in this release. For fixes from the baseline release, refer to the standard 2.0.4 release notes.

Known Issues#

No PB-specific known issues are documented for this release. For baseline known issues and limitations, refer to the standard 2.0.4 release notes.