CVE-2026-24147: NVIDIA Triton Inference Server contains a vulnerability in triton server where an attacker may cause an information disc
Summary
CVE-2026-24147 is a vulnerability in NVIDIA Triton Inference Server (a tool that runs AI models) where an attacker can upload a malicious model configuration file to cause information disclosure (exposing sensitive data) or denial of service (making the system unavailable). The vulnerability stems from improper path traversal (a flaw that lets attackers access files outside intended directories) validation when handling uploaded files.
Vulnerability Details
4.8(medium)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
network
high
none
none
April 7, 2026
Classification
Affected Vendors
Related Issues
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2025-33254: NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause internal state corruption. A success
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-24147
First tracked: April 7, 2026 at 08:07 PM
Classified by LLM (prompt v3) · confidence: 85%