FenouTech

On August 4, 2025, The Hacker News disclosed a critical chain of vulnerabilities in NVIDIA's Triton Inference Server (Windows and Linux), a widely used open-source AI inference platform (The Hacker News). The three issues are CVE-2025-23319 (out-of-bounds write, CVSS 8.1), CVE-2025-23320 (shared memory overrun, CVSS 7.5), and CVE-2025-23334 (out-of-bounds read, CVSS 5.9). All are rooted in the Python backend and can be chained by a remote, unauthenticated attacker, with no credentials required (The Hacker News, Security Affairs, CSO Online).

The attack unfolds by first leaking internal shared-memory information via CVE-2025-23320, then exploiting the remaining vulnerabilities to achieve remote code execution (RCE), denial of service, or data tampering (Dark Reading, CSO Online, Security Affairs). NVIDIA addressed the vulnerabilities in release 25.07 (The Hacker News, NVIDIA Support, SANS Institute).


