GHSA-RQ6V-X3J8-7QGF Amazon SageMaker Python SDK is missing integrity verification in its Triton inference handler

Summary Amazon SageMaker Python SDK is an open-source library for training and deploying machine learning models on Amazon SageMaker. An issue exists where, under certain circumstances, the Triton inference handler deserializes model artifacts without performing integrity verification, allowing...

CVE-2026-24213

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or information disclosure...

CVE-2026-24208

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service...

CVE-2026-24174

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...

CVE-2026-24174

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...

CVE-2026-24147

NVIDIA Triton Inference Server contains a vulnerability in triton server where an attacker may cause an information disclosure by uploading a model configuration. A successful exploit of this vulnerability may lead to information disclosure or denial of service...

CVE-2026-24146

CVE-2026-24146 affects NVIDIA Triton Inference Server. The vulnerability arises from insufficient input validation and a large number of outputs, which can cause the server to crash and potentially lead to a denial of service. Documented impact is DoS; exploitation status is not detailed in the p...

Security Bulletin: NVIDIA Triton Inference Server - April 2026

NVIDIA has released a software update for NVIDIA® Triton Inference Server. To protect your system, clone or update this software to Triton Server r26.02 or later from the NVIDIA Triton Inference Server GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potentia...

CVE-2026-24158

NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service...

Security Bulletin: NVIDIA Triton Inference Server - March 2026

NVIDIA has released a software update for NVIDIA® Triton Inference Server. To protect your system, clone or update this software to Triton Server 26.01 or later from NVIDIA GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this securi...

CVE-2025-23336

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause a denial of service by loading a misconfigured model. A successful exploit of this vulnerability might lead to denial of service...

CVE-2025-23268

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution...

CVE-2025-33211

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...

EUVD-2025-201087

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...

CVE-2025-33211

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...

CVE-2025-33211

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...

Improper Validation of Specified Quantity in Input

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input n the EVBufferToJson function in the HTTP server component. An...

Improper Check for Unusual or Exceptional Conditions

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the HTTPAPIServer::GetContentLength function in the HTTP server...

CVE-2025-33211

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...

CVE-2025-33211

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper validation of specified quantity in input. A successful exploit of this vulnerability may lead to denial of service...