CVE-2025-23319

Summary

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.

Affected Software

VendorProductVersion RangeStatus
NVIDIATriton Inference ServerAll versions prior to 25.07affected

Weaknesses

  • CWE-805: CWE-805 Buffer Access with Incorrect Length Value

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References