CVE-2025-6920 Ai-inference-server: authentication bypass via unprotected inference endpoint in api

A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/ endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows...

PT-2025-27527 · Unknown · Ai-Inference-Server

Name of the Vulnerable Software and Affected Versions: ai-inference-server affected versions not specified Description: A flaw was found in the authentication enforcement mechanism of a model inference API. The issue affects the "/v1/" endpoints, where API key validation is expected but not...

CVE-2024-0095

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of...

CVE-2024-0103

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user may cause an incorrect Initialization of resource by network issue. A successful exploit of this vulnerability may lead to information disclosure...

CVE-2024-0100

NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. A successful exploit of this vulnerability might lead to denial of service and data tampering...

CVE-2024-0088

NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering...

CVE-2023-31036

NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where, when it is launched with the non-default command line option --model-control explicit, an attacker may use the model load API to cause a relative path traversal. A successful exploit of this vulnerability may lea...

NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability

This vulnerability allows remote attackers to access protected functionality on affected installations of NVIDIA Riva. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the Triton Inference Server. The issue results from the lack of...

The vulnerability of the Model Loading API component in NVIDIA Triton Inference Server (previously known as TensorRT Inference Server) allows a malicious actor to trigger a service failure.

The vulnerability of the Model Loading component of NVIDIA Triton Inference Server previously known as TensorRT Inference Server is related to a numerical overflow issue. Exploiting this vulnerability could allow an attacker to cause a service failure...

NVIDIA Triton Inference Server Input Validation Error Vulnerability (CNVD-2025-23137)

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server has an input validation error vulnerability that can be exploited by attackers to cause a denial of service...

CVE-2024-53880

NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial ...

CVE-2024-53880

NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial ...

CVE-2024-53880

The CVE-2024-53880 entry pertains to NVIDIA Triton Inference Server. A vulnerability in the model loading API can trigger an integer overflow/wraparound when loading a model with an extra-large file size, overflow an internal variable, and potentially cause a denial of service. Exploitation detai...

CVE-2024-53880

NVIDIA Triton Inference Server contains a vulnerability in the model loading API, where a user could cause an integer overflow or wraparound error by loading a model with an extra-large file size that overflows an internal variable. A successful exploit of this vulnerability might lead to denial ...

NVIDIA Triton Inference Server 输入验证错误漏洞

NVIDIA Triton Inference Server is an open source software from NVIDIA that helps standardize model deployment and deliver fast and scalable AI in production. NVIDIA Triton Inference Server has an input validation error vulnerability that can be exploited by attackers to cause a denial of service...

Security Bulletin: NVIDIA Triton Inference Server - February 2025

NVIDIA has released a software update for NVIDIA® Triton Inference Server. To protect your system, download and install the latest release from the Triton Inference Server Releases page on GitHub and view the Secure Deployment Considerations Guide. Go to NVIDIA Product Security...

CVE-2024-0087

NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. If this file exists, logs are appended to the file. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privilege...

The vulnerability of the software for deploying and executing AI models, NVIDIA Triton Inference Server (previously TensorRT Inference Server), allows a malicious actor to trigger a service failure.

The vulnerability of the software for deploying and executing AI models developed by NVIDIA Triton Inference Server previously known as TensorRT Inference Server relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to...

CVE-2024-0116

A flaw was found in the NVIDIA Triton Inference Server. Affected versions of Triton Inference Server contain a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use, possibly leading to denial of service. Mitigation Mitigation for...

CVE-2024-0116

NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service...