Critical Authentication Bypass Vulnerability in NVIDIA Triton Inference Server
Severity: High (Score: 72.8)
Sources: Letsdatascience, Gbhackers
Keywords: nvidia, triton, critical, vulnerability, inference, server, authentication
Severity indicators: critical, vulnerability, authentication bypass
Summary
NVIDIA disclosed a critical authentication-bypass vulnerability in its Triton Inference Server, tracked as CVE-2026-24207, with a CVSS v3.1 score of 9.8. This flaw allows remote exploitation without credentials, potentially leading to unauthorized code execution, privilege escalation, data tampering, and denial-of-service. Organizations using Triton for AI inference workloads are at significant risk. Reporting on patch availability is inconsistent; some sources indicate a patch exists for versions before r26.03, while others have not confirmed any patch. The vulnerability arises from improper authentication controls and is accessible via network attack vectors. Security experts recommend immediate action for affected organizations to mitigate risks. The NVD entry for this CVE is currently undergoing enrichment.
Key Points:
- CVE-2026-24207 has a CVSS score of 9.8, indicating critical severity.
- The vulnerability allows remote exploitation without prior authentication.
- Patching status is inconsistent; some sources confirm a patch while others do not.
Detailed Analysis
**Impact** Organizations using NVIDIA Triton Inference Server, particularly those running AI inference workloads, are affected globally. The vulnerability allows remote attackers to bypass authentication without credentials, risking unauthorized code execution, privilege escalation, data tampering, denial-of-service, and information disclosure. This impacts sectors relying on GPU-accelerated and edge AI deployments, potentially exposing sensitive model artifacts and data.

**Technical Details** The vulnerability, tracked as CVE-2026-24207 with a CVSS 3.1 score of 9.8, is an authentication bypass classified under CWE-288. It is exploitable remotely over the network without user interaction or privileges (AV:N/AC:L/PR:N/UI:N/S:U). No specific malware or tools have been reported in the articles. The flaw affects versions prior to r26.03 of the Triton Inference Server and targets the authentication controls in network-facing inference infrastructure.

**Recommended Response** Apply the NVIDIA patch by upgrading to version r26.03 or later immediately. Until patched, isolate inference endpoints, restrict network access using allowlists, and deploy authentication proxies to mitigate exploitation risk. Monitor network traffic for unusual access attempts to Triton servers and follow vendor advisories for updates. No additional IOCs or detection signatures were provided in the reports.
Source articles (2)
- NVIDIA Discloses Critical Triton Authentication Bypass Vulnerability | Let's Data Science — Letsdatascience · 2026-05-20
  Multiple security outlets report a critical authentication-bypass vulnerability in NVIDIA's Triton Inference Server, tracked as CVE-2026-24207, with a reported CVSS 3.1 base score of 9.8 (GBHackers…
- NVIDIA Triton Inference Server Flaw Raises Risk of Unauthorized Access — Gbhackers · 2026-05-20
  NVIDIA has disclosed a critical security vulnerability in its Triton Inference Server that could allow attackers to bypass authentication and gain unauthorized access to affected systems. The flaw, tr…
Timeline
- 2026-05-20 — CVE-2026-24207 published: NVIDIA disclosed a critical authentication-bypass vulnerability in Triton Inference Server, allowing remote exploitation.
- 2026-05-20 — Vulnerability reported by multiple outlets: Security outlets reported the flaw, highlighting its potential for unauthorized access and severe impact on AI workloads.
CVEs
Related entities
- Data Breach (Attack Type)
- Zero-day Exploit (Attack Type)
- CWE-287 - Improper Authentication (Cwe)
- Nvidia Triton Inference Server (Platform)