CVE-2026-24214
Integer Overflow in NVIDIA Triton Inference Server
Publication date: 2026-05-20
Last updated on: 2026-05-20
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | triton_inference_server | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-190 | The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the NVIDIA Triton Inference Server's DALI backend, where an attacker can cause an integer overflow.
An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside the range that can be represented with a given number of bits.
Exploiting this vulnerability could allow an attacker to execute arbitrary code, tamper with data, or cause a denial of service.
How can this vulnerability impact me? :
If exploited, this vulnerability can have serious impacts including:
- Code execution by an attacker, potentially allowing full control over the affected system.
- Data tampering, which could compromise the integrity and trustworthiness of data processed by the server.
- Denial of service, causing the server or application to crash or become unavailable.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the vulnerability in NVIDIA Triton Inference Server's DALI backend affects compliance with common standards and regulations such as GDPR or HIPAA.