Nvidia News Articles

Chaining NVIDIA's Triton Server flaws exposes AI systems to remote takeover

New flaws in NVIDIA's Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure.

4 weeks ago

NVIDIA Triton Vulnerability Chain Let Attackers Take Over AI Server Control

A critical vulnerability chain in NVIDIA's Triton Inference Server that allows unauthenticated attackers to achieve complete remote code execution (RCE) and gain full control over AI servers. 

4 weeks ago

Nvidia Patches Critical RCE Vulnerability Chain

The flaws in the company's Triton Inference Server enables model theft, data leaks, and response manipulation.

4 weeks ago

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

NVIDIA Triton bugs let remote attackers hijack AI servers—AI models and data at risk. Patch now.

1 month ago

Breaking NVIDIA Triton: CVE-2025-23319 - A Vulnerability Chain Leading to AI Server Takeover | Wiz Blog

Wiz Research discovers a critical vulnerability chain allowing unauthenticated attackers to take over NVIDIA's Triton Inference Server.

1 month ago

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models

Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems. 

1 month ago

A critical flaw in Nvidia’s toolkit allows AI container escapes

Cybersecurity researchers at Wiz identified a critical vulnerability, NVIDIAScape (CVE-2025-23266), within the NVIDIA Container Toolkit. This flaw permits

Critical Flaw in NVIDIA AI Toolkit Flaw Puts Cloud Services at Risk

A critical flaw in NVIDIA's AI container toolkit (CVE-2025-23266) allows full host takeover, posing serious risks to cloud-based AI services.

New Exploit Proof-of-Concept Targets Critical NVIDIA AI Container Bug

A critical security flaw in the NVIDIA Container Toolkit (NCT) the foundational software powering many cloud-based AI and GPU services.

3-line exploit revealed for critical NVIDIA Container Toolkit flaw

The flaw risks exposure of sensitive AI data and models in multi-tenant environments.

Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services

Critical NVIDIA vulnerability CVE-2025-23266 impacts 37% of cloud services, allowing privilege escalation and data tampering.

NVIDIAScape - NVIDIA AI Vulnerability (CVE-2025-23266) | Wiz Blog

New critical vulnerability with 9.0 CVSS presents systemic risk to the AI ecosystem, carries widespread implications for AI infrastructure.

NVIDIA Container Toolkit Vulnerability Allows Arbitrary Code Execution with Elevated Privileges

The vulnerabilities, discovered by security researchers and assigned CVE-2025-23266 and CVE-2025-23267, pose significant risks

A NVIDIA Container Bug & Chance to Harden Kubernetes

A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants.

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its popular TensorRT-LLM framework.

Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure

A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on its processors for AI workloads.

Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes

Incomplete fix for CVE-2024-0132 in NVIDIA Toolkit leaves Linux Docker hosts vulnerable to container escapes and DoS attacks.

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks

A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.

Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks

A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk.

NVIDIA Support

Details This section provides a summary of potential vulnerabilities that this security update addresses and their impact. Descriptions use CWE™, and base scores and vectors use CVSS v3.1...

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure. 

NVIDIA Container Toolkit Flaw Allows Full System Access - TechNadu

Attackers could bypass a patched NVIDIA Container Toolkit flaw CVE-2025-23359 via breaking out of a container's isolation protections.

Researcher Discovers Critical NVIDIA Container Vulnerability

Security researchers at Wiz have uncovered a critical vulnerability (CVE-2024-0132) in NVIDIA's Container Toolkit that could allow attackers to escape container isolation and gain full access to host...

NVIDIA Container Toolkit For Linux Time-of-Check Time-of-Use Vulnerability (CVE-2025-23359)

CVE-2025-23359 - NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system.

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

CVE-2025-23359 (CVSS 8.3) lets attackers bypass NVIDIA’s container security, gaining host access via a TOCTOU flaw. Fix available in v1.17.4.

NVIDIA AI vulnerability:  Deep Dive into CVE 2024-0132 | Wiz Blog

Critical severity vulnerability (CVE-2024-0132) affecting Container Toolkit and GPU Operator may present risk to cloud service providers

Nvidia fixed CVE-2024-0130 in UFM Enterprise

NVIDIA has patched a high-severity vulnerability affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products. could allow an attacker to gain escalated privileges, tamper with data, deny service, and disclose sensitive information. The vulnerability, identified as CVE-2024-0130 with a CVSS...

NVIDIA affected by a Critical vulnerability CVE-2024-0138

NVIDIA has released a patch addressing a critical vulnerability in its Base Command Manager software, that could pose significant risks, including the potential for remote code execution, denial of service, privilege escalation, information disclosure, and data tampering. This flaw, tracked as CVE-2...

October Patch Tuesday: MSFT patches 2 exploited zero days

Microsoft has patched a brace of zero days that are under active attack as part of October Patch Tuesday 2024.

Critical NVIDIA Container Toolkit flaw could allow access to the underlying host

A critical vulnerability in the NVIDIA Container Toolkit could allow a container to escape and gain full access to the underlying host.

NVIDIA AI Container Toolkit Vulnerability Fix

On Wednesday, NVIDIA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk....

Critical Nvidia bug allows container escape, host takeover

A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host. The flaw, tracked as...

Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments | Wiz Blog

Critical severity vulnerability CVE-2024-0132 affecting NVIDIA Container Toolkit and GPU Operator presents high risk to AI workloads and environments.

NVIDIA ChatRTX for Windows Vulnerability Lets Attackers Escalate Privileges

NVIDIA, a leading technology company, has recently released a security update regarding its Windows ChatRTX application.