CVE-2026-24206
Analyzed Analyzed - Analysis Complete
Authentication Bypass in NVIDIA Triton Inference Server

Publication date: 2026-05-20

Last updated on: 2026-05-20

Assigner: NVIDIA Corporation

Description
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-20
Last Modified
2026-05-20
Generated
2026-06-09
AI Q&A
2026-05-20
EPSS Evaluated
2026-06-08
NVD
CVE-2026-24206
EUVD
EUVD-2026-31049
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia triton_inference_server to 26.03 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-288 The product requires authentication, but the product has an alternate path or channel that does not require authentication.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-24206 is a vulnerability in the NVIDIA Triton Inference Server that allows an attacker to bypass authentication.

Exploiting this flaw could enable the attacker to escalate privileges, cause denial of service, or disclose unauthorized information.

The vulnerability is classified under CWE-288, which involves authentication bypass through alternate paths or channels.

Impact Analysis

This vulnerability can have several serious impacts if exploited.

  • Escalation of privileges, allowing attackers to gain higher access rights than intended.
  • Denial of service, potentially disrupting the availability of the NVIDIA Triton Inference Server.
  • Information disclosure, leading to unauthorized access to sensitive data.
Mitigation Strategies

The vulnerability in NVIDIA Triton Inference Server allows an attacker to bypass authentication, potentially leading to privilege escalation, denial of service, or information disclosure.

To mitigate this vulnerability, it is recommended to follow the guidance provided in NVIDIA's official advisory available at https://nvidia.custhelp.com/app/answers/detail/a_id/5828.

Compliance Impact

The provided information does not specify how the authentication bypass vulnerability in NVIDIA Triton Inference Server directly affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24206. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart