CVE-2026-24175
Received Received - Intake
Denial of Service via Malformed Header in NVIDIA Triton Server

Publication date: 2026-04-07

Last updated on: 2026-04-16

Assigner: NVIDIA Corporation

Description
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request header to the server. A successful exploit of this vulnerability might lead to denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-07
Last Modified
2026-04-16
Generated
2026-06-16
AI Q&A
2026-04-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-24175
EUVD
EUVD-2026-19759
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia triton_inference_server to 26.02 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-248 An exception is thrown from a function, but it is not caught.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

This vulnerability causes a denial of service (DoS) by crashing the NVIDIA Triton Inference Server when a malformed request header is sent. It impacts availability only and does not affect confidentiality or integrity.

Since the vulnerability does not compromise data confidentiality or integrity, it does not directly lead to violations of data protection regulations such as GDPR or HIPAA, which primarily focus on protecting personal data privacy and integrity.

However, the availability impact could affect compliance if the service outage prevents timely access to data or services required under these regulations.

Executive Summary

CVE-2026-24175 is a vulnerability in the NVIDIA Triton Inference Server where an attacker can cause the server to crash by sending a malformed request header.

This vulnerability is classified under CWE-248 (Uncaught Exception) and can be exploited remotely without any privileges or user interaction.

The impact of this vulnerability is a denial of service (DoS) condition, affecting the availability of the server.

Impact Analysis

This vulnerability can lead to a denial of service (DoS) on the NVIDIA Triton Inference Server by causing it to crash.

An attacker can exploit this remotely without any privileges or user interaction, potentially making the server unavailable and disrupting services that depend on it.

There is no impact on confidentiality or integrity, only on availability.

Detection Guidance

This vulnerability involves an attacker sending a malformed request header to the NVIDIA Triton Inference Server causing a server crash. Detection would involve monitoring for unusual or malformed request headers targeting the Triton Inference Server.

Specific commands or detection signatures are not provided in the available information.

Mitigation Strategies

The available information does not specify immediate mitigation steps such as patches, configuration changes, or workarounds.

General best practices would include restricting network access to the NVIDIA Triton Inference Server, monitoring for abnormal traffic, and applying any official patches or updates from NVIDIA once available.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24175. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart