CVE-2026-24158
Received Received - Intake
Denial of Service via Large Payload in NVIDIA Triton HTTP Endpoint

Publication date: 2026-03-24

Last updated on: 2026-03-31

Assigner: NVIDIA Corporation

Description
NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-31
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-24158
EUVD
EUVD-2026-15013
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia triton_inference_server to 26.01 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-24158 is a vulnerability in the NVIDIA Triton Inference Server's HTTP endpoint. It occurs when an attacker sends a large compressed payload to the server, which can cause a denial of service (DoS) condition by overwhelming the server's memory allocation."}, {'type': 'paragraph', 'content': 'This vulnerability is related to CWE-789, which involves problems with memory allocation due to excessive size values.'}] [2]

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) condition on the NVIDIA Triton Inference Server. An attacker can remotely exploit this issue without any privileges or user interaction, causing the server to become unavailable.

This means that the availability of the service is severely affected, potentially disrupting any applications or services relying on the Triton Inference Server.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24158. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart