{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/triton/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-24146"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve-2026-24146","denial-of-service","nvidia","triton"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eNVIDIA Triton Inference Server is susceptible to a denial-of-service (DoS) vulnerability identified as CVE-2026-24146. This flaw stems from insufficient input validation within the server software. An attacker can exploit this by sending specially crafted requests with a large number of expected outputs to the server. If successful, this causes excessive memory allocation leading to a server crash, rendering the service unavailable to legitimate users. This vulnerability impacts any organization utilizing affected versions of the NVIDIA Triton Inference Server. 
Publicly available information regarding affected versions is limited, but it is critical that organizations monitor for updates and apply necessary patches promptly.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable NVIDIA Triton Inference Server instance.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious request designed to trigger excessive output generation.\u003c/li\u003e\n\u003cli\u003eThe crafted request is sent to the Triton Inference Server via HTTP or gRPC.\u003c/li\u003e\n\u003cli\u003eThe server receives the request and attempts to process it.\u003c/li\u003e\n\u003cli\u003eDue to insufficient input validation, the server allocates an excessive amount of memory.\u003c/li\u003e\n\u003cli\u003eRepeated requests exhaust available memory resources.\u003c/li\u003e\n\u003cli\u003eThe server crashes due to an out-of-memory condition.\u003c/li\u003e\n\u003cli\u003eLegitimate users are unable to access the inference server, resulting in a denial of service.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-24146 leads to a denial-of-service condition on the NVIDIA Triton Inference Server. This can disrupt AI inference workloads, potentially impacting critical applications that rely on these services. The impact is significant for organizations that depend on the availability of their AI models for real-time decision-making or other operational needs. 
The specific number of affected organizations is unknown, but any organization using a vulnerable version of the Triton Inference Server is at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the patch or upgrade to a non-vulnerable version of NVIDIA Triton Inference Server as soon as it is available from NVIDIA to remediate CVE-2026-24146.\u003c/li\u003e\n\u003cli\u003eImplement input validation on the server side to prevent malicious requests with excessive output parameters; this is a general mitigation strategy since specific filters are unavailable.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect Suspicious Triton Inference Server Requests\u003c/code\u003e to identify potential exploitation attempts targeting the vulnerability.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs (category \u003ccode\u003ewebserver\u003c/code\u003e, product \u003ccode\u003elinux\u003c/code\u003e) for unusual request patterns that may indicate exploitation attempts, focusing on cs-uri-query parameters related to output size or count.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-07T18:16:39Z","date_published":"2026-04-07T18:16:39Z","id":"/briefs/2026-04-nvidia-triton-dos/","summary":"NVIDIA Triton Inference Server is vulnerable to denial of service due to insufficient input validation that, when combined with a large number of outputs, can cause a server crash.","title":"NVIDIA Triton Inference Server Denial-of-Service Vulnerability (CVE-2026-24146)","url":"https://feed.craftedsignal.io/briefs/2026-04-nvidia-triton-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Triton","version":"https://jsonfeed.org/version/1.1"}