AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-24175: NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malfor

highvulnerability

security

Source: NVD/CVE DatabaseApril 7, 2026CVE-2026-24175

Summary

NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24175) where an attacker can crash the server by sending a malformed request header, potentially causing a denial of service (disruption of normal service). The vulnerability stems from an uncaught exception (an error that the program doesn't handle properly), which allows attackers to exploit this weakness.

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

network

Attack Complexity

low

Privileges Required

none

User Interaction

none

Disclosure Date

April 7, 2026

Classification

Attack Type

DoS

Attack SophisticationTrivial

Impact (CIA+S)

availability

AI Component TargetedInference

Taxonomy References

CWE (Weakness Type)

CWE-248

Affected Vendors

NVIDIA

Related Issues

medium

CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

Similar attackNVD/CVE Database

low

CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p

Similar attack

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-24175

First tracked: April 7, 2026 at 08:07 PM

Classified by LLM (prompt v3) · confidence: 92%