Vulnerabilities in vllm-project
46 resultsCVE-2026-54235MEDIUMvLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernelsEPSS 0.3%CVE-2025-46570LOWvLLM’s Chunk-Based Prefix Caching Vulnerable to Potential Timing Side-ChannelEPSS 0.2%CVE-2026-34753MEDIUMvLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `EPSS 0.2%CVE-2026-54233MEDIUMvLLM: OOM Denial of Service via Audio Decompression BombEPSS 0.2%CVE-2025-25183LOWvLLM using built-in hash() from Python 3.12 leads to predictable hash collisions in vLLM prefix cacheEPSS 0.2%CVE-2026-47155MEDIUMvLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processorsEPSS 0.1%