Skip to main content

NVIDIA Triton Inference Server EUVDEUVD-2026-31055

| CVE-2026-24213 HIGH
Out-of-bounds Read (CWE-125)
2026-05-20 nvidia GHSA-3vpm-cx76-554p
8.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.0 HIGH
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
May 20, 2026 - 04:02 vuln.today

DescriptionCVE.org

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or information disclosure.

AnalysisAI

Out-of-bounds read in the DALI backend of NVIDIA Triton Inference Server allows authenticated remote attackers to trigger memory disclosure that may escalate to code execution, data tampering, or denial of service. The flaw carries a CVSS 8.0 (High) rating reflecting low-privilege network access with required user interaction, and no public exploit identified at time of analysis. NVIDIA has published a security bulletin addressing the issue.

Technical ContextAI

NVIDIA Triton Inference Server is an open-source inference-serving platform used to deploy AI/ML models at scale across GPU and CPU environments, exposing HTTP/gRPC endpoints for model execution. The vulnerable component is the DALI (Data Loading Library) backend, which handles preprocessing pipelines such as image decoding and tensor transformations for ML inference. The root cause is CWE-125 (Out-of-bounds Read), where the DALI backend reads memory outside the bounds of an allocated buffer - typically caused by missing or incorrect length validation when parsing attacker-influenced input tensors or request payloads. Such reads can leak adjacent heap memory and, depending on subsequent processing, corrupt internal state in ways that lead to arbitrary code execution within the Triton server process. The affected CPE is cpe:2.3:a:nvidia:triton_inference_server.

RemediationAI

Patch available per vendor advisory - administrators should consult NVIDIA Security Bulletin ID 5828 at https://nvidia.custhelp.com/app/answers/detail/a_id/5828 for the exact fixed Triton Inference Server version and upgrade accordingly; the precise patched version is not enumerated in the provided intelligence and should be confirmed against that bulletin before deployment. Where immediate upgrade is not feasible, compensating controls include unloading or disabling the DALI backend in Triton's model repository configuration (trade-off: any model pipeline depending on DALI preprocessing will fail to load and must be re-implemented with an alternative backend), restricting Triton's HTTP/gRPC endpoints to trusted networks and authenticated internal callers only via network segmentation or an authenticating reverse proxy (trade-off: breaks any legitimate external inference consumers), and validating or sandboxing incoming inference request payloads at an upstream gateway to enforce strict tensor shape and size limits (trade-off: adds latency and requires per-model schema knowledge).

More in Nvidia

View all
CVE-2016-1741 CRITICAL POC
9.8 Mar 24

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary c

CVE-2013-0109 HIGH POC
7.2 Apr 08

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not

CVE-2019-5684 CRITICAL POC
10.0 Aug 06

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially craft

CVE-2026-24207 CRITICAL POC
9.8 May 20

Authentication bypass in NVIDIA Triton Inference Server allows unauthenticated remote attackers to reach protected funct

CVE-2019-5685 CRITICAL POC
9.8 Aug 06

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially craft

CVE-2025-23359 HIGH POC
8.3 Feb 12

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default co

CVE-2016-8812 HIGH POC
8.8 Nov 08

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before G

CVE-2016-1861 HIGH POC
7.8 Jun 19

The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privi

CVE-2024-0132 HIGH POC
8.3 Sep 26

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with de

CVE-2016-1846 HIGH POC
7.8 May 20

The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows a

CVE-2015-7865 HIGH POC
7.7 Nov 24

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before

CVE-2016-8811 HIGH POC
7.8 Nov 08

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 3

Share

EUVD-2026-31055 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy