Description
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.
Published: 2026-04-07
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch
AI Analysis

Impact

A malformed request can trigger a crash in NVIDIA Triton Inference Server. The flaw leads to a server termination, causing a loss of service availability. The referenced weakness is an integer overflow, as identified by CWE-190, allowing the attacker to supply data that the server misprocesses.

Affected Systems

NVIDIA Triton Inference Server is affected. No specific release numbers are supplied, so all installations should be inspected for this issue.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity denial‑of‑service risk. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote network access, as an attacker only needs to send a crafted request to the running server to trigger the crash.

Generated by OpenCVE AI on April 7, 2026 at 22:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest NVIDIA Triton Inference Server update or the vendor‑released patch that addresses the crash. If no patch is available, restrict server exposure by placing it behind a firewall or enforcing a whitelist of trusted IP addresses. Monitor server logs for repeated malformed request attempts and consider rate limiting to reduce potential impact.

Generated by OpenCVE AI on April 7, 2026 at 22:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:nvidia:triton_inference_server:*:*:*:*:*:*:*:*

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Title Malformed Request Causes Server Crash in NVIDIA Triton Inference Server

Wed, 08 Apr 2026 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Nvidia
Nvidia triton Inference Server
Vendors & Products Nvidia
Nvidia triton Inference Server

Tue, 07 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Description NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.
Weaknesses CWE-190
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Nvidia Triton Inference Server
cve-icon MITRE

Status: PUBLISHED

Assigner: nvidia

Published:

Updated: 2026-04-07T18:56:46.472Z

Reserved: 2026-01-21T19:09:31.777Z

Link: CVE-2026-24173

cve-icon Vulnrichment

Updated: 2026-04-07T18:42:09.283Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T18:16:39.787

Modified: 2026-04-16T17:01:07.053

Link: CVE-2026-24173

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:47:21Z

Weaknesses