1341 matches found
CVE-2026-54698 Hasura: Row-level authorization bypass on table computed fields
Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...
Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (ROCm)
Red Hat AI Inference Server 3.2.2 ROCm is now available. Red Hat® AI Inference Server...
Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)
Red Hat AI Inference Server 3.2.2 CUDA is now available. Red Hat® AI Inference Server...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (cuda)
Red Hat AI Inference Server Model Optimization Tools 3.2.2 cuda is now available. Red Hat® AI Inference Server Model Optimization Tools...
CVE-2026-14647 onnx onnxruntime old.cc convPoolShapeInference_opset19 out-of-bounds
A weakness has been identified in onnx up to 1.21.x. This vulnerability affects the function convPoolShapeInferenceopset19 of the file onnx/defs/nn/old.cc of the component onnxruntime. This manipulation causes out-of-bounds read. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2026-14647
ONNX Runtime (onnxruntime) up to 1.21.x is affected by CVE-2026-14647 due to a weakness in convPoolShapeInference_opset19 in ONNX’s old.cc (onnx/defs/nn). The root cause is an out-of-bounds read introduced in this path, enabling remote exploitation. Public exploits exist per the description. Reme...
PT-2026-55726
Name of the Vulnerable Software and Affected Versions onnx versions prior to 1.22.0 Description A weakness in the onnxruntime component allows for a remote out-of-bounds read. This occurs within the convPoolShapeInference opset19 function located in the onnx/defs/nn/old.cc file. Recommendations...
GHSA-29PF-2H5F-8G72 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, text-generation-inference...
CVE-2026-4372 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, text-generation-inference...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the Authorizer function. An attacker can determine valid usernames by measuring the response time difference between valid and invalid usernames during authentication attempts. Remediation There is no fixed...
CVE-2026-24266
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...
CVE-2026-24266
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...
CVE-2026-24264
CVE-2026-24264 affects NVIDIA Triton Inference Server for Linux. The security bulletin documents that an attacker can cause improper handling of highly compressed data, with the impact being denial of service . The vulnerability is addressed by updating to Triton Server r26.04 or later . Affected...
CVE-2026-24264
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...
Security Bulletin: NVIDIA Triton Inference Server - June 2026
NVIDIA has released a software update for NVIDIA® Triton Inference Server. To protect your system, clone or update this software to Triton Server r26.04 or later from the NVIDIA Triton Inference Server GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potentia...
CVE-2026-53923
A flaw was found in vLLM. Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels leads to partial tensor processing. This results in the output tensor retaining previously used GPU memory, which, in multi-tenant inference deployments, can expose sensitive tensor data from other...
Critical: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.5 (CUDA)
Red Hat AI Inference Server 3.3.5 CUDA is now available. Red Hat® AI Inference Server...
Critical: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.5 (ROCm)
Red Hat AI Inference Server 3.3.5 ROCm is now available. Red Hat® AI Inference Server...
Critical: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.5 (Spyre)
Red Hat AI Inference Server 3.3.5 Spyre is now available. Red Hat® AI Inference Server...
Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.3.5 (CUDA)
Red Hat AI Inference Server Model Optimization Tools 3.3.5 CUDA is now available. Red Hat® AI Inference Server Model Optimization Tools...