CVE-2026-24207
CRITICAL NUCLEINvidia Triton Inference Server - Authentication Bypass Using an Alternate Path or Channel
Title source: ruleExploitation Summary
EIP tracks 2 public exploits for CVE-2026-24207. PoCs published by offseckit. A Nuclei detection template is also available.
AI-analyzed exploit summary This repository contains a functional exploit for CVE-2026-24207, demonstrating an authentication bypass in NVIDIA Triton SageMaker. It includes tools for detection, bypass demonstration, and a full RCE chain via model loading. The exploit is well-documented with technical details and proof-of-concept code.
Description
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Exploits (2)
This repository contains a functional exploit for CVE-2026-24207, demonstrating an authentication bypass in NVIDIA Triton SageMaker. It includes tools for detection, bypass demonstration, and a full RCE chain via model loading. The exploit is well-documented with technical details and proof-of-concept code.
This repository contains functional exploit code for CVE-2026-24207, an authentication bypass vulnerability in NVIDIA Triton SageMaker. It includes a scanner to detect vulnerable instances, a bypass demonstration script, and a full RCE exploit chain that loads a malicious Python model.
Nuclei Templates (1)
http.title:"Triton" port:8080
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H