NVIDIA Triton Inference Server vulnerabilities overview

A recently disclosed set of security vulnerabilities in NVIDIA's Triton Inference Server, an open-source platform for running AI models, could enable unauthenticated attackers to take control of affected servers. Researchers from Wiz reported that when these flaws are chained together, they could allow remote code execution (RCE).

The vulnerabilities include:

CVE-2025-23319 (CVSS score: 8.1): An out-of-bounds write vulnerability in the Python backend that can be triggered by sending a request.
CVE-2025-23320 (CVSS score: 7.5): A flaw that allows an attacker to exceed the shared memory limit by sending a large request.
CVE-2025-23334 (CVSS score: 5.9): An out-of-bounds read vulnerability in the Python backend.

Exploiting these vulnerabilities could lead to information disclosure, remote code execution, denial of service, and data tampering. The issues stem from the Python backend that processes inference requests for AI frameworks like PyTorch and TensorFlow.
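For defenders triaging exposure, a practical first step is to identify the server build and compare it against the first patched release listed in NVIDIA's advisory. The sketch below is a minimal, hypothetical triage helper: it reads the `version` field from Triton's KServe-v2 metadata route (`GET /v2`) and compares it to a patched version string that the caller supplies from the advisory (the article itself does not state the fix version, so none is hard-coded here).

```python
import json
import urllib.request


def server_version(base_url: str) -> str:
    """Fetch the Triton core version from the KServe-v2 metadata endpoint.

    Triton exposes server metadata (name, version, extensions) at GET /v2.
    """
    with urllib.request.urlopen(f"{base_url}/v2") as resp:
        return json.load(resp)["version"]


def is_patched(version: str, patched: str) -> bool:
    """Return True if `version` is at or above the first patched release.

    Both arguments are dotted numeric strings, e.g. "2.59.0". The patched
    version must be taken from NVIDIA's advisory; it is not assumed here.
    """
    as_tuple = lambda v: tuple(int(part) for part in v.split("."))
    return as_tuple(version) >= as_tuple(patched)
```

A deployment behind a reverse proxy may not expose `/v2` directly; in that case the container image tag serves the same triage purpose.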