CVE-2025-23334

CWE-125 ā€” Out-of-bounds Read5 documents5 sources
Severity
7.5HIGH
EPSS
0.1%
top 80.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nvidia Triton Inference Server
Timeline
PublishedAug 6
Latest updateFeb 4

Description

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

ā–¶CVEListV5nvidia/triton_inference_serverAll versions prior to 25.07

šŸ”“Vulnerability Details

2
CVEList
CVE-2025-23334: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds reā†—2025-08-06
ā–¶
GHSA
GHSA-4xwr-57p2-ghxq: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds reā†—2025-08-06
ā–¶

šŸ’„Exploits & PoCs

1
Exploit-DB
aiohttp 3.9.1 - directory traversal PoCā†—2026-02-04
ā–¶
CVE-2025-23334 (HIGH CVSS 7.5) | NVIDIA Triton Inference Server for | cvebase.io