CVE-2025-23316.yaml
1 info: 2 name: triton-inference-server 3 cve: CVE-2025-23316 4 summary: NVIDIA Triton Inference Server Python backend API PreAuth RCE Vulnerability 5 details: | 6 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by manipulating the model name parameter in the model control APIs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering. 7 cvss: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 8 severity: CRITICAL 9 security_advise: Update to the latest version. 10 rule: "" 11 references: 12 - https://nvd.nist.gov/vuln/detail/CVE-2025-23316 13 - https://nvidia.custhelp.com/app/answers/detail/a_id/5691