CVE-2025-59425
vLLM vulnerable to timing attack at bearer auth
In short
vLLM's API key validation is vulnerable to timing attacks, where an attacker can guess the correct API key character-by-character by measuring how long the server takes to reject each attempt. This allows attackers to bypass authentication and gain unauthorized access to the LLM service.
Technical detail
The API key validation in vLLM uses string comparison that exhibits timing variation based on the number of correct characters matched, enabling a timing side-channel attack. An attacker can iteratively determine each character of the API key by analyzing response times across multiple authentication attempts, leading to authentication bypass and unauthorized API access.
Summary generated and translated by AI from the official description.
vLLM is an inference and serving engine for large language models (LLMs). Before version 0.11.0rc2, the API key support in vLLM performs validation using a method that was vulnerable to a timing attack. API key validation uses a string comparison that takes longer the more characters the provided API key gets correct. Data analysis across many attempts could allow an attacker to determine when it finds the next correct character in the key sequence. Deployments relying on vLLM's built-in API key validation are vulnerable to authentication bypass using this technique. Version 0.11.0rc2 fixes the issue.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
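The following is an added example (not vLLM's code and not the fix commit) showing the two comparison strategies side by side: a model of the early-exit string compare the advisory describes, whose work grows with every correct leading character, and a constant-time check built on `hmac.compare_digest`, which is the standard mitigation for this class of bug. The key value, the `bearer_token` helper and the `is_authorized` function are assumptions constructed for the demo.

```python
"""Early-exit vs constant-time API key comparison.
Added example, not vLLM code; EXPECTED_KEY is a constructed sample value."""
import hmac
from typing import Optional, Tuple

# Constructed sample key for the demo; a real deployment loads this from config.
EXPECTED_KEY = "sk-example-0123456789abcdef"


def naive_compare(provided: str, expected: str) -> Tuple[bool, int]:
    """Early-exit comparison of the kind the advisory describes.

    Returns (match, positions_examined). The second value models the work
    done before the first mismatch: it grows with every correct leading
    character, which is exactly the signal a timing side channel exposes.
    """
    steps = 0
    if len(provided) != len(expected):
        return False, steps
    for a, b in zip(provided, expected):
        steps += 1
        if a != b:
            return False, steps
    return True, steps


def constant_time_compare(provided: str, expected: str) -> bool:
    """Constant-time comparison: hmac.compare_digest examines every byte
    regardless of where the first difference is, so elapsed time does not
    depend on how much of the key the caller got right. (Only the length of
    the inputs can still be inferred, which is acceptable for a fixed-size key.)
    Encoding to bytes avoids the ASCII-only restriction on str arguments."""
    return hmac.compare_digest(provided.encode("utf-8"), expected.encode("utf-8"))


def bearer_token(authorization_header: Optional[str]) -> Optional[str]:
    """Extract the token from an 'Authorization: Bearer <token>' header value."""
    if not authorization_header:
        return None
    scheme, _, token = authorization_header.partition(" ")
    if scheme.lower() != "bearer" or not token:
        return None
    return token.strip()


def is_authorized(authorization_header: Optional[str],
                  expected: str = EXPECTED_KEY) -> bool:
    """Hardened check: always run the constant-time compare, even when the
    header is missing or malformed, so the rejection path is uniform."""
    token = bearer_token(authorization_header) or ""
    return constant_time_compare(token, expected)


if __name__ == "__main__":
    # With the naive compare, a guess that shares a longer correct prefix
    # does strictly more work before rejection; the hardened path does not.
    for guess in ("X" * 27, "sk-" + "X" * 24, "sk-example-0" + "X" * 15):
        print(guess, naive_compare(guess, EXPECTED_KEY))
    print(is_authorized("Bearer " + EXPECTED_KEY), is_authorized("Bearer nope"))
```

`naive_compare` returns a step count rather than measuring wall-clock time so the leak is visible deterministically; in a real server the same difference shows up as response latency, which is what the advisory's data-analysis-across-many-attempts refers to. When reviewing an authentication path, grep for `==` on secrets and replace it with `hmac.compare_digest` or `secrets.compare_digest`.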
Affected products
vllm-project · vllm
References
https://github.com/vllm-project/vllm/blob/4b946d693e0af15740e9ca9c0e059d5f333b1083/vllm/entrypoints/openai/api_server.py#L1270-L1274
https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48
https://github.com/vllm-project/vllm/releases/tag/v0.11.0
https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm