CVE-2025-23319

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvidiaCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
nvidiatriton_inference_server
𝑥
< 25.07
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://nvd.nist.gov/vuln/detail/CVE-2025-23319
https://nvidia.custhelp.com/app/answers/detail/a_id/5687
https://www.cve.org/CVERecord?id=CVE-2025-23319