Vulnerabilidades em vllm-project
46 resultadosCVE-2026-25960HIGHSSRF Protection Bypass in vLLMEPSS 0.4%CVE-2026-41523HIGHvLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code ExecutionEPSS 0.4%CVE-2026-9540MEDIUMvllm-project vllm OpenAI-compatible Serving Path denial of serviceEPSS 0.4%CVE-2025-46560MEDIUMvLLM phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of serviceEPSS 0.4%CVE-2025-48887MEDIUMvLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`EPSS 0.4%CVE-2026-5497HIGHUnbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllmEPSS 0.4%CVE-2025-29770MEDIUMvLLM denial of service via outlines unbounded cache on diskEPSS 0.4%CVE-2026-44222MEDIUMvLLM: Remote DoS via Special-Token PlaceholdersEPSS 0.4%CVE-2026-22773MEDIUMvLLM is vulnerable to DoS in Idefics3 vision models via image payload with ambiguous dimensionsEPSS 0.4%CVE-2025-48943MEDIUMvLLM allows clients to crash the openai server with invalid regexEPSS 0.4%CVE-2026-44223MEDIUMvLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parametersEPSS 0.4%CVE-2026-24779HIGHvLLM vulnerable to Server-Side Request Forgery (SSRF) in `MediaConnector`EPSS 0.4%CVE-2025-62372HIGHvLLM vulnerable to DoS with incorrect shape of multimodal embedding inputsEPSS 0.3%CVE-2025-62426MEDIUMvLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`EPSS 0.3%CVE-2026-54232HIGHvLLM: Dependency Confusion Vulnerability in vLLM DockerfileEPSS 0.3%CVE-2026-34756MEDIUMvLLM Affected by Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API ServerEPSS 0.3%CVE-2026-53923MEDIUMvLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflowEPSS 0.3%CVE-2026-34755MEDIUMvLLM Affected by Denial of Service via Unbounded Frame Count in video/jpeg Base64 ProcessingEPSS 0.3%CVE-2026-34760MEDIUMvLLM: Downmix Implementation Differences as Attack Vectors Against Audio AI ModelsEPSS 0.3%CVE-2025-46722MEDIUMvLLM has a Weakness in MultiModalHasher Image Hashing ImplementationEPSS 0.3%