Vulnerabilidades en vllm-project
46 resultadosCVE-2026-22778CRITICALvLLM leaks a heap address when PIL throws an errorEPSS 3.3%CVE-2025-32444CRITICALvLLM Vulnerable to Remote Code Execution via Mooncake IntegrationEPSS 1.5%CVE-2024-11041CRITICALRemote Code Execution in vllm-project/vllmEPSS 1.4%CVE-2024-9053CRITICALRemote Code Execution in vllm-project/vllmEPSS 1.3%CVE-2025-47277CRITICALvLLM Allows Remote Code Execution via PyNcclPipe Communication ServiceEPSS 0.9%CVE-2025-62164HIGHVLLM deserialization vulnerability leading to DoS and potential RCEEPSS 0.8%CVE-2026-54236MEDIUMvLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic routerEPSS 0.8%CVE-2025-29783CRITICALvLLM Allows Remote Code Execution via Mooncake IntegrationEPSS 0.8%CVE-2026-27893HIGHvLLM's hardcoded trust_remote_code=True in NemotronVL and KimiK25 bypasses user security opt-outEPSS 0.7%CVE-2026-4944HIGHHardcoded trust_remote_code=True in vllm-project/vllm Bypasses User Security ControlEPSS 0.7%CVE-2026-48746CRITICALvLLM: OpenAI auth bypassEPSS 0.7%CVE-2025-24357HIGHvLLM allows a malicious model RCE by torch.load in hf_model_weights_iteratorEPSS 0.6%CVE-2025-66448HIGHvLLM vulnerable to remote code execution via transformers_utils/get_configEPSS 0.6%CVE-2026-22807HIGHvLLM affected by RCE via auto_map dynamic module loading during model initializationEPSS 0.5%CVE-2025-59425HIGHvLLM vulnerable to timing attack at bearer authEPSS 0.5%CVE-2025-48956HIGHvLLM API endpoints vulnerable to Denial of Service AttacksEPSS 0.5%CVE-2025-30202HIGHData exposure via ZeroMQ on multi-node vLLM deploymentEPSS 0.5%CVE-2025-30165HIGHRemote Code Execution Vulnerability in vLLM Multi-Node Cluster ConfigurationEPSS 0.5%CVE-2025-48942MEDIUMvLLM DOS: Remotely kill vllm over http with invalid JSON schemaEPSS 0.5%CVE-2025-48944MEDIUMvLLM Tool Schema allows DoS via Malformed pattern and type FieldsEPSS 0.4%