Is Nvidia affected by CVE-2026-24146?

NVIDIA Triton Inference Server contains a remote denial-of-service vulnerability (CVE-2026-24146) that allows unauthenticated attackers to crash inference services through malformed requests, potentially disrupting AI/ML workloads and dependent applications.

CVE-2026-24146

EUVD-2026-19749 HIGH

2026-04-07 nvidia

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Apr 07, 2026 - 18:00 euvd

EUVD-2026-19749

Analysis Generated

Apr 07, 2026 - 18:00 vuln.today

CVE Published

Apr 07, 2026 - 17:11 nvd

HIGH 7.5

Description

NVIDIA Triton Inference Server contains a vulnerability where insufficient input validation and a large number of outputs could cause a server crash. A successful exploit of this vulnerability might lead to denial of service.

Analysis

NVIDIA Triton Inference Server crashes when processing inference requests with insufficient input validation combined with large output counts, enabling remote denial of service without authentication (CVSS 7.5, EPSS data not available). The vulnerability affects all versions prior to r26.02, with no public exploit identified at time of analysis. …

Remediation

Within 24 hours: Inventory all Triton Inference Server deployments and document current versions (particularly those pre-r26.02); isolate Triton instances from untrusted networks where possible. Within 7 days: Implement request validation at the load balancer/API gateway layer to restrict input sizes and output counts; deploy network segmentation to limit Triton exposure; establish monitoring for abnormal request patterns and service crashes. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

CVE-2026-24146 vulnerability details – vuln.today

Back

CVE-2026-24146

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-24146

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code