PatchSiren

CVE-2026-24207 NVIDIA CVE debrief

According to the supplied official NVD and NVIDIA PSIRT metadata, CVE-2026-24207 is a critical authentication-bypass issue in NVIDIA Triton Inference Server. The supplied CVSS vector (base score 9.8) indicates a network-reachable, unauthenticated attack path with no user interaction and high impact to confidentiality, integrity, and availability. The vulnerable CPE evidence in the corpus points to Triton Inference Server versions before 26.03, so any exposed deployment should be treated as an urgent remediation priority.

Vendor: NVIDIA
Product: Triton Inference Server
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-20
Original CVE updated: 2026-05-20
Advisory published: 2026-05-20
Advisory updated: 2026-05-20

Who should care

Platform teams, MLOps and inference operators, security responders, and anyone running NVIDIA Triton Inference Server—especially in Internet-facing or shared environments.

Technical summary

The supplied metadata maps this issue to CWE-288 and a CVSS 3.1 vector of AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerable product evidence in the corpus is nvidia:triton_inference_server, with affected versions ending before 26.03. The referenced advisory set includes NVD, CVE.org, and the NVIDIA vendor advisory.

Defensive priority

Immediate. This is a critical, remotely reachable, unauthenticated issue with high impact across confidentiality, integrity, and availability.

Recommended defensive actions

  • Inventory all NVIDIA Triton Inference Server deployments, including container images, shared inference platforms, and embedded service instances.
  • Identify any instance running a version earlier than 26.03 and follow the vendor-recommended update path as soon as possible.
  • Reduce exposure by removing public access or tightly limiting network reachability to Triton endpoints until remediation is complete.
  • Validate that authentication and perimeter controls are enforced at the service edge; do not assume internal placement alone is sufficient protection.
  • Monitor for unusual access patterns, unauthorized configuration or model changes, and other signs of possible abuse.
  • Use the NVIDIA PSIRT advisory and the NVD record as the primary remediation references.
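
The inventory and version-identification steps above can be scripted. The following is an added example, not code from NVIDIA or from this page's sources. It assumes that images keep "tritonserver" in the repository name and that the tag begins with the YY.MM release (for example 25.12-py3); anything it cannot parse is reported as unknown for manual review.

```python
import re

FIRST_UNAFFECTED = (26, 3)  # the page gives the affected range as "before 26.03"

# Assumption: the tag starts with the YY.MM release, e.g. "25.12-py3".
TAG_RE = re.compile(r"^(\d{2})\.(\d{2})(?:[.-].*)?$")


def split_image(ref):
    """Return (repository, tag) for an image reference; tag is None if absent."""
    name = ref.split("@", 1)[0]        # drop any @sha256:... digest
    last = name.rsplit("/", 1)[-1]     # a ':' before the last '/' is a registry port
    if ":" in last:
        return tuple(name.rsplit(":", 1))
    return name, None


def classify(ref):
    """Return 'affected', 'not-in-range', 'unknown' or 'not-triton'."""
    repo, tag = split_image(ref)
    if "tritonserver" not in repo.rsplit("/", 1)[-1]:
        return "not-triton"            # renamed images are missed: assumption above
    m = TAG_RE.match(tag or "")
    if not m:
        return "unknown"               # digest-only, 'latest' or custom tag
    release = (int(m.group(1)), int(m.group(2)))
    return "affected" if release < FIRST_UNAFFECTED else "not-in-range"


def triage(refs):
    """Group image references by classification."""
    report = {}
    for ref in refs:
        report.setdefault(classify(ref), []).append(ref)
    return report


# Constructed sample inventory (hypothetical hosts, not from a real environment).
SAMPLE = [
    "nvcr.io/nvidia/tritonserver:25.12-py3",
    "nvcr.io/nvidia/tritonserver:26.03-py3",
    "registry.example.internal:5000/ml/tritonserver:24.08-vllm-python-py3",
    "nvcr.io/nvidia/tritonserver@sha256:" + "0" * 64,
    "registry.example.internal:5000/ml/tritonserver:latest",
    "docker.io/library/nginx:1.27",
]

if __name__ == "__main__":
    for ref in SAMPLE:
        print(f"{classify(ref):12} {ref}")
```

Treat every "unknown" result as potentially affected until the release is confirmed by other means, since a digest or a floating tag says nothing about the version actually running.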

Evidence notes

The supplied corpus includes official NVD, CVE.org, and NVIDIA advisory references. NVD metadata lists CVSS 3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, CWE-288, and a vulnerable Triton Inference Server CPE with an affected range before 26.03. The corpus also includes a Linux kernel CPE marked not vulnerable; the product-specific vulnerable evidence points to NVIDIA Triton Inference Server. The supplied timeline shows publication and modification on 2026-05-20.

Official resources

Public, defensive debrief derived from the supplied official vulnerability metadata only. No exploit instructions, code, or reproduction steps are included.