AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-23268: NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper inpu

highvulnerability

security

Source: NVD/CVE DatabaseSeptember 17, 2025CVE-2025-23268

Summary

NVIDIA Triton Inference Server has a vulnerability in its DALI backend (a component that processes data) where improper input validation (the failure to check if data is safe before using it) allows attackers to execute code on the system. The issue is classified as CWE-20, a common weakness type related to input validation problems.

Vulnerability Details

CVSS Score

8(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack Type

Other

Attack SophisticationModerate

Impact (CIA+S)

integrityavailability

Taxonomy References

CWE (Weakness Type)

CWE-20

Affected Vendors

NVIDIA

Related Issues

medium

CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

Same vendorNVD/CVE Database

high

CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 92%