Information Disclosure Vulnerability in NVIDIA Triton Inference Server
CVE-2026-24147

4.8MEDIUM

Key Information:

Vendor: Nvidia
Status: Triton Inference Server
Vendor: CVE Published:; 7 April 2026

What is CVE-2026-24147?

The NVIDIA Triton Inference Server contains a vulnerability in its server component, which can be exploited by attackers. By uploading a specially crafted model configuration, an unauthorized user may gain access to sensitive information. This vulnerability could result in information leakage or potentially lead to a denial of service. It is crucial for users to apply the recommended patches to secure their systems and protect against these risks.

Affected Version(s)

Triton Inference Server All All versions prior to r26.02

References

https://nvd.nist.gov/vuln/detail/CVE-2026-24147

https://www.cve.org/CVERecord?id=CVE-2026-24147

https://nvidia.custhelp.com/app/answers/detail/a_id/5816

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2026
Vulnerability Reserved
Jan 21, 2026

CVE-2026-24147 Data

JSON

Nvidia

What is CVE-2026-24147?

Affected Version(s)

References

CVSS V3.1

Timeline