Out-of-Bounds Read Vulnerability in NVIDIA Triton Inference Server
CVE-2025-23334

5.9MEDIUM

Key Information:

Vendor: Nvidia
Status: Triton Inference Server
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-23334?

The NVIDIA Triton Inference Server for Windows and Linux is impacted by a vulnerability in its Python backend. This issue can be exploited by an attacker who sends a specially crafted request, potentially causing an out-of-bounds read. If successfully exploited, this vulnerability may lead to the exposure of sensitive information, posing significant risks to data integrity and privacy.

Affected Version(s)

Triton Inference Server Windows All versions prior to 25.07

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23334

https://www.cve.org/CVERecord?id=CVE-2025-23334

https://nvidia.custhelp.com/app/answers/detail/a_id/5687

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Jan 14, 2025

Nvidia

What is CVE-2025-23334?

Affected Version(s)

References

CVSS V3.1

Timeline