CVE-2026-24209
Description
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A path traversal vulnerability in NVIDIA Triton Inference Server could allow an attacker to cause a denial of service.
Vulnerability
Overview
NVIDIA Triton Inference Server contains a path traversal vulnerability in versions prior to 26.05. This flaw arises from improper sanitization of user-supplied input used in file path operations, allowing an attacker to access files outside the intended directory structure [1].
Attack
Vector
An unauthenticated attacker with network access to the Triton Inference Server's management API can send specially crafted requests containing path traversal sequences (e.g., ../). No prior authentication is required to reach the vulnerable endpoint, making the attack surface accessible from the network [1].
Impact
Successful exploitation could allow the attacker to read or manipulate files outside the server's intended restricted scope, leading to a denial of service condition. The vulnerability is rated High with a CVSS v3 base score of 7.5, indicating significant potential impact on system availability [1].
Mitigation
NVIDIA has released updated versions of Triton Inference Server that fix the path traversal issue. Users should upgrade to version 26.05 or later to remediate the vulnerability. No known workarounds are available [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.