CVE-2025-23319

EUVD-2025-23837
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvidiaCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
Affected Products (NVD)
VendorProductVersion
nvidiatriton_inference_server
𝑥
< 25.07
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://nvd.nist.gov/vuln/detail/CVE-2025-23319
https://nvidia.custhelp.com/app/answers/detail/a_id/5687
https://www.cve.org/CVERecord?id=CVE-2025-23319