Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.
NVIDIA Transformers4Rec for Linux has a vulnerability where attackers can exploit improper deserialization (unsafe processing of data that was converted into a storable format) of untrusted data, potentially leading to code execution (running commands on the system), data tampering, and information disclosure. The vulnerability is tracked as CVE-2026-24162 and a CVSS score (a 0-10 rating of how severe a vulnerability is) has not yet been assigned by NIST.
NVIDIA Triton Inference Server has a vulnerability in its DALI backend (a component that processes data) that allows attackers to cause uncontrolled resource consumption, potentially leading to a denial of service attack (making the service unavailable to legitimate users).
NVIDIA Triton Inference Server has a vulnerability in its DALI backend (a component that processes data) where an attacker could trigger an integer overflow (a bug where a number exceeds the maximum value a system can store). This could allow an attacker to execute malicious code, modify data, or crash the service.
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend (a component that processes data) where an attacker could perform an out-of-bounds read (accessing memory locations outside the intended range). Exploiting this could allow code execution (running malicious commands), data tampering (changing information), denial of service (making the system unavailable), or information disclosure (leaking sensitive data).
NVIDIA Triton Inference Server has a vulnerability where an attacker could cause an integer overflow (a situation where a number exceeds the maximum value a program can store, causing unexpected behavior), potentially leading to denial of service (making a system unavailable to users). The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a security flaw is).
CVE-2026-24209 is a path traversal vulnerability (a flaw where an attacker manipulates file paths to access files outside their intended directory) in NVIDIA Triton Inference Server that could allow an attacker to cause a denial of service (making a system unavailable to users). The vulnerability has a CVSS 4.0 severity rating, though a full assessment from NIST has not yet been provided.
NVIDIA Triton Inference Server contains a path traversal vulnerability (CWE-22, a flaw where attackers can access files outside the intended directory) that could allow an attacker to cause a denial of service (making the service unavailable). The vulnerability has a CVSS 4.0 severity rating, though a detailed assessment has not yet been provided by NIST.
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24207) where an attacker could bypass authentication (skip security checks that normally verify who someone is), potentially allowing them to run code, gain higher privileges, change data, crash the service, or steal information. The vulnerability is classified as an authentication bypass using an alternate path or channel (CWE-288, a type of weakness where attackers find different ways to access a system without proper verification).
NVIDIA Triton Inference Server contains a vulnerability (CVE-2026-24206) that allows attackers to bypass authentication (a security check that verifies who you are), potentially leading to privilege escalation (gaining higher-level access), denial of service (making a system unavailable), or information disclosure (unauthorized access to data). The vulnerability is classified as CWE-288, which means it exploits an alternate path to bypass normal authentication checks.
MLflow versions 3.9.0 and earlier contain a vulnerability where unauthenticated attackers can read arbitrary files from a server by exploiting a flaw in the `_create_model_version()` handler (a function that processes requests to create new model versions). An attacker can trick the system into storing any file path from the server's filesystem by using a special tag in their request, and then retrieve those files through a different function that doesn't properly check permissions.
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24175) where an attacker can crash the server by sending a malformed request header, potentially causing a denial of service (disruption of normal service). The vulnerability stems from an uncaught exception (an error that the program doesn't handle properly), which allows attackers to exploit this weakness.
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24174) where an attacker can crash the server by sending a malformed request (a request with incorrect formatting), causing a denial of service (when a system becomes unavailable to legitimate users). The vulnerability stems from incorrect conversion between numeric types (the software not properly handling different number formats).
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24173) where an attacker can send a malformed request to crash the server, causing a denial of service (when a service becomes unavailable due to an attack). The vulnerability is related to integer overflow or wraparound (when a number exceeds the maximum value a system can store, causing unexpected behavior).
CVE-2026-24147 is a vulnerability in NVIDIA Triton Inference Server (a tool that runs AI models) where an attacker can upload a malicious model configuration file to cause information disclosure (exposing sensitive data) or denial of service (making the system unavailable). The vulnerability stems from improper validation against path traversal (a flaw that lets attackers access files outside intended directories) when handling uploaded files.
NVIDIA Triton Inference Server has a vulnerability where it doesn't properly check user inputs and can crash when given a large number of outputs, potentially causing a denial of service (making the server unavailable to users). The vulnerability stems from excessive memory allocation triggered by malformed input.
CVE-2026-24158 is a vulnerability in NVIDIA Triton Inference Server's HTTP endpoint that allows attackers to cause a denial of service (temporarily making a service unavailable) by sending a large compressed payload. The vulnerability stems from improper memory allocation (CWE-789, where a system reserves too much memory based on untrusted input).
NVIDIA Model Optimizer for Windows and Linux has a vulnerability in its ONNX quantization feature (a technique that makes AI models smaller and faster by reducing precision) where unsafe deserialization (unsafely converting data from a file into program objects) can occur when a user provides a specially crafted input file. A successful attack could allow an attacker to execute code, gain higher privileges, change data, or steal information.
NVIDIA Triton Inference Server has a vulnerability (CVE-2025-33254) where an attacker can corrupt internal state (a condition in which data becomes inconsistent or broken), potentially causing a denial of service (making a service unavailable to legitimate users). The vulnerability is caused by a race condition (a bug that happens when multiple processes access shared data at the same time without proper coordination).
NVIDIA APEX for Linux has a vulnerability where attackers can deserialize untrusted data (process data from untrusted sources, potentially running malicious code hidden in that data), affecting PyTorch versions earlier than 2.6. A successful attack could allow code execution, denial of service (making a system unavailable), privilege escalation (gaining higher access levels), data tampering, and information disclosure.
CVE-2025-33238 is a vulnerability in NVIDIA Triton Inference Server's Sagemaker HTTP server that allows an attacker to trigger an exception, potentially causing a denial of service (DoS, where a system becomes unavailable to legitimate users). The underlying issue involves a race condition (a timing flaw when multiple processes access shared resources without proper protection).
Fix: This issue is fixed in version 3.10.0.
NVD/CVE Database