Impact
NVIDIA Triton Inference Server has a flaw in its DALI backend that allows an attacker to read memory beyond intended bounds, possibly resulting in code execution, data tampering, denial of service, or information disclosure. The weakness is an out‑of‑bounds read (CWE‑125). This type of memory error can be leveraged by an adversary to corrupt execution flow or extract sensitive data if the boundary check fails. The severity is significant, with a CVSS score of 8, indicating a high level of potential impact.
Affected Systems
The issue affects NVIDIA Triton Inference Server, specifically the DALI (Data Augmentation Library) backend. No specific version range is provided in the data, so all installations that include the DALI backend are potentially exposed. Users should verify whether their Triton deployment includes or relies on the DALI component, as the vulnerability resides entirely within that module.
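One way to run the check suggested above is to inventory a Triton model repository for models served by the DALI backend and for ensembles that route requests through them. This is an added example, not code from NVIDIA or from this advisory. It assumes the usual `<model>/config.pbtxt` layout and that DALI models declare `backend: "dali"`; the function names and the sample repository are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Line-based heuristics for config.pbtxt, not a full protobuf text parser.
BACKEND_RE = re.compile(r'^\s*backend\s*:\s*"([^"]+)"', re.M)
NAME_RE = re.compile(r'^name\s*:\s*"([^"]+)"', re.M)      # top-level name only
STEP_RE = re.compile(r'model_name\s*:\s*"([^"]+)"')       # ensemble steps

def build_sample_repo(root):
    """Write a constructed sample repository (not from a real deployment)."""
    samples = {
        "preprocess": 'name: "preprocess"\nbackend: "dali"\nmax_batch_size: 64\n',
        "resnet": 'backend: "onnxruntime"\n# backend: "dali"\n',
        "pipeline": 'platform: "ensemble"\nensemble_scheduling {\n  step [\n'
                    '    { model_name: "preprocess" model_version: -1 },\n'
                    '    { model_name: "resnet" model_version: -1 }\n  ]\n}\n',
    }
    for name, text in samples.items():
        (Path(root) / name).mkdir(parents=True)
        (Path(root) / name / "config.pbtxt").write_text(text)

def find_dali_models(repo):
    """Return (direct, via_ensemble): models on the DALI backend, and
    ensembles that reach one of them directly or through another ensemble."""
    configs = {}
    for cfg in sorted(Path(repo).glob("*/config.pbtxt")):
        text = re.sub(r"#.*", "", cfg.read_text())  # ignore commented-out lines
        m = NAME_RE.search(text)
        configs[m.group(1) if m else cfg.parent.name] = text
    direct = sorted(n for n, t in configs.items()
                    if (b := BACKEND_RE.search(t)) and b.group(1) == "dali")
    affected = set(direct)
    changed = True
    while changed:  # follow nested ensembles until no new model is added
        changed = False
        for n, t in configs.items():
            if n not in affected and set(STEP_RE.findall(t)) & affected:
                affected.add(n)
                changed = True
    return direct, sorted(affected - set(direct))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_repo(tmp)
        direct, via = find_dali_models(tmp)
        print("DALI backend models:", direct)
        print("Ensembles that call them:", via)
```

The script only reads explicit `config.pbtxt` files; it does not tell you whether the DALI backend is installed on the server itself.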
Risk and Exploitability
The CVSS score of 8 signals a high-severity risk. The EPSS score is not available, but the lack of observed activity is not evidence of low risk, especially given the possible code execution outcome. The vulnerability is not listed in CISA's KEV catalog, so no public exploit is known; however, the combination of a zero-day out-of-bounds read and the potential for code execution means that it could be targeted by attackers with sufficient reconnaissance. The likely attack vector is remote, through interactions with the DALI backend, which federates data preprocessing for inference workloads. An attacker who can supply crafted input to the DALI pipeline may exploit this out-of-bounds read to trigger further malicious action.