Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Network-facing unauthenticated inference endpoint (AV:N/PR:N/UI:N) with easy triggering (AC:L); availability-only memory-exhaustion impact (A:H) and no confidentiality or integrity effect.
Primary rating from Vendor (nvidia).
CVSS VectorVendor: nvidia
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause missing release of memory after effective lifetime. A successful exploit of this vulnerability might lead to denial of service.
Articles & Coverage 1
AnalysisAI
Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to exhaust host memory by triggering a memory leak (CWE-401, missing release of memory after effective lifetime), degrading or crashing the inference service. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H) indicates trivial network-reachable exploitation with no authentication and high availability impact, but no confidentiality or integrity exposure. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network reachability to a running Triton Inference Server's request interface (HTTP/REST on 8000 or gRPC on 8001 by default) on Linux; per the CVSS vector (AV:N/AC:L/PR:N/UI:N) no authentication, no special privileges, and no user interaction are needed against a reachable instance. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are moderately consistent for a DoS-only issue. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach the Triton HTTP or gRPC inference endpoint sends a stream of crafted or repeated inference/management requests that each leak a small amount of unreleased memory. Over time the server's memory footprint grows unchecked until Triton is OOM-killed or the host becomes unresponsive, taking the model-serving service offline. … |
| Remediation | No vendor-released patch version is identified in the provided data, and the CPE version is wildcarded, so consult NVIDIA's official security bulletin (linked from the NVD record at https://nvd.nist.gov/vuln/detail/CVE-2026-47482) for the exact fixed release and update the Triton container image or binary to that version once published. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, identify and inventory all systems running NVIDIA Triton Inference Server, assess their criticality and production dependencies, and restrict network access to Triton endpoints to trusted internal networks only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Triton Inference Server
View allNVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitr
NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system fi
NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an impro
Denial of service in NVIDIA Triton Inference Server for Linux allows remote unauthenticated attackers to exhaust server
Denial of service in NVIDIA Triton Inference Server for Linux (versions through 26.03) allows a remote attacker to crash
Denial of service in NVIDIA Triton Inference Server for Linux stems from a stack-based buffer overflow (CWE-121) reachab
Denial of service in NVIDIA Triton Inference Server for Linux allows a remote, unauthenticated attacker to disrupt avail
Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to crash the servic
Denial of service in NVIDIA Triton Inference Server for Linux lets remote unauthenticated attackers exhaust server resou
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-de
NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified
NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause an improper check for unusual or exc
Same weakness CWE-401 – Memory Leak
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44434
GHSA-hhg8-wxrj-m3cf