What is CVE-2025-23268?

CVE-2025-23268 is a high-severity vulnerability in Nvidia Triton Inference Server, classified under Improper Input Validation. CVSS score: 8.0/10. Published 2025-09-17.

How severe is CVE-2025-23268?

High severity. CVSS v3 base score is 8.0 out of 10.

Improper input validation in Nvidia Triton Inference Server

CVE-2025-23268

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.002 (44.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H.

Affected products

Nvidia Triton Inference Server — versions All versions prior to 25.07

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

nvidia.custhelp.com/app/answers/detail/a_id/5691

Frequently asked questions

What is CVE-2025-23268?: CVE-2025-23268 is a high-severity vulnerability in Nvidia Triton Inference Server, classified under Improper Input Validation. CVSS score: 8.0/10. Published 2025-09-17.
How severe is CVE-2025-23268?: High severity. CVSS v3 base score is 8.0 out of 10.