Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Remote, unauthenticated, low-complexity request to an exposed inference endpoint (AV:N/AC:L/PR:N/UI:N); a decompression bomb causes availability loss only, so C:N/I:N/A:H.
Primary rating from Vendor (nvidia).
CVSS Vector (Vendor: nvidia)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description (CVE.org)
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service.
Analysis (AI)
Denial of service in NVIDIA Triton Inference Server for Linux allows remote unauthenticated attackers to exhaust server resources by submitting highly compressed (data-amplification / decompression-bomb) input that the server improperly handles during decompression. The flaw (CWE-409) affects the Linux distribution of Triton and carries a CVSS 7.5 (availability-only impact); there is no public exploit identified at time of analysis and it is not listed in CISA KEV. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires network access to a Triton Inference Server (Linux) endpoint that accepts compressed request data, and the attacker must be able to submit a highly compressed, data-amplifying payload that the server decompresses; this decompression-handling path is the specific prerequisite. … |
| Risk Assessment | The CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H indicates a network-reachable, low-complexity attack requiring no privileges or user interaction, with a high but availability-only impact. This is consistent with a resource-exhaustion DoS rather than code execution or data exposure. … |
| Exploit Scenario | An attacker with network reachability to an exposed Triton HTTP or gRPC endpoint sends a small, specially crafted, highly compressed request that expands to an enormous size when the server decompresses it, exhausting memory or CPU and rendering the inference service unavailable to legitimate users. Because no authentication or user interaction is required (PR:N/UI:N) and complexity is low (AC:L), a single or repeated crafted request can trigger the outage; no public PoC is currently identified. |
| Remediation | Patch available per vendor advisory: consult the NVIDIA product-security bulletin at https://github.com/NVIDIA/product-security/tree/main/2026/5848 and upgrade to the fixed Triton Inference Server release listed there; the data provided here does not include an exact fixed version number. … |
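
The failure class described above (CWE-409) is avoided by inflating request bodies incrementally against a byte budget. The following is an added illustration, not Triton's code or NVIDIA's fix; the function name, the exception class, and the 1 MiB limit are assumptions chosen for the example, and the sample inputs are constructed.

```python
import gzip
import zlib


class DecompressionLimitExceeded(Exception):
    """Compressed request body expanded past the configured byte budget."""


def bounded_decompress(data: bytes, max_output: int, chunk: int = 64 * 1024) -> bytes:
    """Inflate a gzip- or zlib-wrapped body, aborting once the decompressed
    size exceeds max_output. Peak memory is bounded by max_output + chunk."""
    # MAX_WBITS | 32 lets zlib auto-detect a gzip or zlib header.
    inflater = zlib.decompressobj(wbits=zlib.MAX_WBITS | 32)
    out = bytearray()
    pending = data
    while not inflater.eof:
        # The second argument (max_length) caps the output of this call, so a
        # tiny input can never force one huge allocation.
        piece = inflater.decompress(pending, chunk)
        if not piece and not inflater.eof:
            # No progress and no end-of-stream marker: the input was cut short.
            raise ValueError("truncated compressed stream")
        out += piece
        if len(out) > max_output:
            raise DecompressionLimitExceeded(
                f"{len(data)} compressed bytes expanded past {max_output} bytes")
        # Input that zlib has not consumed yet is fed back on the next pass.
        pending = inflater.unconsumed_tail
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample inputs: an ordinary body and a highly repetitive one.
    normal = gzip.compress(b'{"inputs": [1, 2, 3]}')
    amplified = gzip.compress(b"\x00" * (8 * 1024 * 1024))
    limit = 1024 * 1024  # hypothetical per-request budget (1 MiB)
    print(bounded_decompress(normal, limit))
    try:
        bounded_decompress(amplified, limit)
    except DecompressionLimitExceeded as exc:
        print("rejected:", exc)
```

The same budget can be enforced at a reverse proxy in front of the inference endpoint, so an oversized body is rejected before it reaches the server.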
Recommended Action (AI)
**24 hours:** Inventory all production deployments of Triton Inference Server for Linux and assess criticality; implement network-layer access controls restricting client connections to trusted sources only. …
EUVD-2026-41025
GHSA-vq94-fcwh-99v7