CVE-2025-23334

5.9

Medium

Published:6 Aug 2025

Last updated:17 Jun 2026

Source:psirt@nvidia.com

Analyzed

Weakness (CWE)

CWE-125Out-of-bounds Read

CVSS Vector

v3.1

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

View on MITRE Find PoC on GitHub

Description

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure.

References

psirt@nvidia.com

https://nvd.nist.gov/vuln/detail/CVE-2025-23334

psirt@nvidia.com

https://nvidia.custhelp.com/app/answers/detail/a_id/5687

psirt@nvidia.com

https://www.cve.org/CVERecord?id=CVE-2025-23334