Nvidia Triton Inference Server vulnerabilities

CVE-2025-23317 [CRITICAL] CWE-122 CVE-2025-23317: NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.

CVE-2025-23310 [CRITICAL] CWE-121 CVE-2025-23310: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker coul NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.

CVE-2025-23324 [HIGH] CWE-190 CVE-2025-23324: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cau NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23323 [HIGH] CWE-190 CVE-2025-23323: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cau NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23321 [HIGH] CWE-369 CVE-2025-23321: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cau NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23320 [HIGH] CWE-209 CVE-2025-23320: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-23325 [HIGH] CWE-674 CVE-2025-23325: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker coul NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23335 [MEDIUM] CWE-191 CVE-2025-23335: NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerabili NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23334 [MEDIUM] CWE-125 CVE-2025-23334: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-23331 [HIGH] CWE-789 CVE-2025-23331: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cau NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23333 [MEDIUM] CWE-125 CVE-2025-23333: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data. A successful exploit of this vulnerability might lead to information disclosure.

CVE-2025-23322 [HIGH] CWE-415 CVE-2025-23322: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple request NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service.

CVE-2025-23326 [HIGH] CWE-680 CVE-2025-23326: NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker coul NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.

CVE-2024-53880 [MEDIUM] CWE-190 CVE-2024-53880: NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial of service.

CVE-2024-0116 [MEDIUM] CWE-125 CVE-2024-0116: NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service.

CVE-2024-0095 [CRITICAL] CWE-117 CVE-2024-0095: NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can injec NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CVE-2024-0103 [MEDIUM] CWE-1419 CVE-2024-0103: NVIDIA Triton Inference Server for Linux contains a vulnerability where a user may cause an incorrec NVIDIA Triton Inference Server for Linux contains a vulnerability where a user may cause an incorrect Initialization of resource by network issue. A successful exploit of this vulnerability may lead to information disclosure.

CVE-2024-0087 [CRITICAL] CWE-73 CVE-2024-0087: NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging l NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. If this file exists, logs are appended to the file. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

CVE-2024-0088 [MEDIUM] CWE-119 CVE-2024-0088: NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a use NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering.

CVE-2024-0100 [MEDIUM] CWE-73 CVE-2024-0100: NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user c NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. A successful exploit of this vulnerability might lead to denial of service and data tampering.