NVIDIA Triton Inference Server DoS Vulnerability: CVE-2026-24210
The National Vulnerability Database reports a high-severity denial-of-service vulnerability, CVE-2026-24210, in NVIDIA Triton Inference Server. This flaw, an integer overflow (CWE-190), carries a CVSS score of 7.5 (High).
An attacker could exploit this vulnerability to trigger a denial of service. The impact is direct: systems running affected versions of NVIDIA Triton Inference Server could become unavailable, disrupting critical AI/ML inference workloads. This isn’t about data exfiltration, but operational paralysis.
For defenders, this means ensuring high availability for AI/ML infrastructure requires immediate attention to patching. An unpatched Triton instance is a single point of failure that an attacker can easily target to disrupt business-critical inference services. The attacker’s calculus is simple: maximum disruption with minimal effort, leveraging a known flaw.
What This Means For You
- If your organization utilizes NVIDIA Triton Inference Server for AI/ML workloads, you need to identify all instances and prepare for patching. A denial-of-service attack on your inference infrastructure can halt critical business operations. Prioritize this vulnerability; it's a direct route to operational disruption.
Related ATT&CK Techniques
🛡️ Detection Rules
2 rules · 6 SIEM formats2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
NVIDIA Triton Inference Server Integer Overflow DoS Attempt - CVE-2026-24210
title: NVIDIA Triton Inference Server Integer Overflow DoS Attempt - CVE-2026-24210
id: scw-2026-05-20-ai-1
status: experimental
level: high
description: |
Detects potential exploitation of CVE-2026-24210 by monitoring for POST requests to NVIDIA Triton Inference Server's model endpoint ('/v2/models/') that result in a 500 Internal Server Error. This specific error code, combined with the known vulnerable endpoint and method, suggests an attempt to trigger the integer overflow vulnerability leading to a denial of service.
author: SCW Feed Engine (AI-generated)
date: 2026-05-20
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-24210/
tags:
- attack.impact
- attack.t1499
logsource:
category: webserver
detection:
selection:
cs-uri|contains:
- '/v2/models/'
cs-method:
- 'POST'
sc-status:
- '500'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-24210 | DoS | NVIDIA Triton Inference Server |
| CVE-2026-24210 | DoS | integer overflow |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 20, 2026 at 07:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-20240 — Denial of Service
CVE-2026-20240 — In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129,...
Splunk Enterprise, Cloud Vulnerability Exposes Session Cookies, Sensitive Data
CVE-2026-20239 — In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a...
CVE-2026-20238 — In Splunk AI Toolkit versions below 5.7.3, a low-privileged
CVE-2026-20238 — In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data...