NVIDIA Triton: Malformed Request Crash Leads to DoS
CVE-2026-24174 Published on April 7, 2026

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service.

NVD

Vulnerability Analysis

CVE-2026-24174 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH

Weakness Type

Incorrect Conversion between Numeric Types

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.


Products Associated with CVE-2026-24174

Want to know whenever a new CVE is published for NVIDIA Triton Inference Server? stack.watch will email you.

NVIDIA Triton Inference Server
 

Affected Versions

NVIDIA Triton Inference Server Version All versions prior to r26.02 is affected by CVE-2026-24174