What is the CVSS score of CVE-2026-24158?

CVE-2026-24158 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of Nvidia are affected by CVE-2026-24158?

NVIDIA Triton Inference Server deployments are vulnerable to remote denial of service attacks through malicious compressed payloads, with no patch currently available.

How to fix or mitigate CVE-2026-24158?

Within 24 hours: Inventory all Triton Inference Server instances and assess exposure (internet-facing vs. internal). Within 7 days: Implement network segmentation to restrict HTTP endpoint access and deploy WAF rules blocking large compressed payloads to Triton endpoints. Within 30 days: Monitor NVIDIA security advisories for patch availability and establish a testing/deployment plan; evaluate alternative inference server solutions if Triton remains unpatched.

Nvidia CVE-2026-24158

EUVD-2026-15013 HIGH

Memory Allocation with Excessive Size Value (CWE-789)

2026-03-24 nvidia

GHSA-272x-gpf6-6c9f

Denial Of Service Nvidia

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 24, 2026 - 20:31 euvd

EUVD-2026-15013

Analysis Generated

Mar 24, 2026 - 20:31 vuln.today

CVE Published

Mar 24, 2026 - 20:26 nvd

HIGH 7.5

DescriptionNVD

NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service.

AnalysisAI

NVIDIA Triton Inference Server contains a denial of service vulnerability in its HTTP endpoint that can be exploited by sending large compressed payloads. The vulnerability has a CVSS score of 7.5 (High) and is exploitable remotely without authentication or user interaction. …

RemediationAI

Within 24 hours: Inventory all Triton Inference Server instances and assess exposure (internet-facing vs. internal). …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory