Cyber Resilience

CVE-2026-24214

High

Published: 20 May 2026

Published
20 May 2026
Modified
20 May 2026
KEV Added
Patch
CVSS Score v3.1 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0072 49.3th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-24214 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Nvidia Triton Inference Server. Its CVSS base score is 8.0 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 49.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, or denial of service.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Integer overflow in public-facing Triton Inference Server backend directly enables remote exploitation for code execution (T1190) or DoS via application exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-24173Same product: Nvidia Triton Inference Server
CVE-2025-33254Same product: Nvidia Triton Inference Server
CVE-2026-24174Same product: Nvidia Triton Inference Server
CVE-2026-24213Same product: Nvidia Triton Inference Server
CVE-2026-24146Same product: Nvidia Triton Inference Server
CVE-2026-24175Same product: Nvidia Triton Inference Server
CVE-2025-33238Same product: Nvidia Triton Inference Server
CVE-2026-24158Same product: Nvidia Triton Inference Server
CVE-2025-23268Same product: Nvidia Triton Inference Server
CVE-2026-24215Same product: Nvidia Triton Inference Server

Affected Assets

nvidia
triton inference server
≤ 26.03

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References