CVE-2026-24158 Nvidia — Exploit & Vulnerability Details HIGH

CVE-2026-24158

HIGH CVSS 3.1: 7.5 EPSS 0.06%

Parameter	Value
CVSS	7.5 (HIGH)
Affected Versions	before 26.01
Fixed In	26.01
Type	CWE-789
Vendor	Nvidia
Public PoC	No

NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

None

No data leak

Integrity

None

No data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-789

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Nvidia Triton_Inference_Server cpe:2.3:a:nvidia:triton_inference_server::::::::	—	`26.01`

References 3

https://nvd.nist.gov/vuln/detail/CVE-2026-24158

psirt@nvidia.com

https://nvidia.custhelp.com/app/answers/detail/a_id/5790

psirt@nvidia.com

https://www.cve.org/CVERecord?id=CVE-2026-24158

psirt@nvidia.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-24175

Nvidia

7.5

CVE-2026-24174

Nvidia

7.5

CVE-2026-24173

Nvidia

7.5

CVE-2026-24156

Nvidia

7.3

CVE-2026-24147

Nvidia

4.8

Menu

CVE-2026-24158

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2026-24175

CVE-2026-24174

CVE-2026-24173

CVE-2026-24156

CVE-2026-24147

CVE Details

Editor's Choice

Menu

CVE-2026-24158

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2026-24175

CVE-2026-24174

CVE-2026-24173

CVE-2026-24156

CVE-2026-24147

CVE Details

Editor's Choice

Stay informed on cybersecurity