CVE-2025-23319

High CVSS 8.1

Overview

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.

CWE: CWE-805 Published: 2025-08-06T13:15:39.490

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.1 (HIGH)
Detected tags: dos, info_leak, oob_write (tag impact: VERY HIGH)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.
Reduce verbose errors, remove debug endpoints, minimize PII in logs.
Patch/upgrade immediately (remote code execution).
Reduce exposure (WAF/segmentation), minimize attack surface.

Overview

Recommended tools

Tags