1078 matches found
GHSA-6V7P-G79W-8964 vulnerabilities
Vulnerabilities for packages: nemo, pypy-3.11, openstack-horizon-2025.2-fips, superset-fips, openstack-tempest-2025.2, openstack-tempest-2025.1, awx, jupyter-all-spark-notebook, mitmproxy, azure-functions-host, openstack-horizon-2025.2, openstack-glance-2026.1-fips, datadog-agent,...
GHSA-4XGF-CPJX-PC3J vulnerabilities
Vulnerabilities for packages: open-webui, airflow-postgres-fips, prefect, semgrep, airflow-core, prefect-fips, vllm-openai-cuda-13.0, vllm-cuda-13.2, mcp-atlassian, azureml-inference-server-http, tritonserver-backend-vllm-cuda-13.0, litellm, tritonserver-backend-vllm-cuda-12.9, lmcache-cuda-12.8,...
CVE-2026-54235
vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...
GHSA-M6QW-4CW2-HM4M vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.9, py3-vllm-cuda-12.4, tritonserver-backend-vllm-cuda-12.9, py3.13-scanner-test-libraries-aiohttp, py3-vllm-cuda-13.0...
CVE-2026-50269 vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.9, py3-vllm-cuda-12.4, tritonserver-backend-vllm-cuda-12.9, py3.13-scanner-test-libraries-aiohttp, py3-vllm-cuda-13.0...
vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving
Summary Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels csrc/quantization/gguf/ggufkernel.cu causes partial tensor processing. The output tensor is allocated at full size via torch::empty uninitialized memory, but the dequantize CUDA kernel processes only a truncated...
CVE-2026-53540 vulnerabilities
Vulnerabilities for packages: airflow-core, wazuh-manager, wazuh-manager-fips, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
CVE-2026-53537 vulnerabilities
Vulnerabilities for packages: airflow-core, wazuh-manager, wazuh-manager-fips, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
GHSA-V9PG-7XVM-68HF vulnerabilities
Vulnerabilities for packages: airflow-core, wazuh-manager, wazuh-manager-fips, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
GHSA-6JV3-5F52-599M vulnerabilities
Vulnerabilities for packages: airflow-core, wazuh-manager, wazuh-manager-fips, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
CVE-2026-53539 vulnerabilities
Vulnerabilities for packages: airflow-core, wazuh-manager, wazuh-manager-fips, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
GHSA-82W8-QH3P-5JFQ vulnerabilities
Vulnerabilities for packages: nemo, prefect, semgrep, airflow-core, mlflow-fips, prefect-fips, mlflow, tritonserver-backend-vllm-cuda-13.0, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
CVE-2026-54283 vulnerabilities
Vulnerabilities for packages: nemo, prefect, semgrep, airflow-core, mlflow-fips, prefect-fips, mlflow, tritonserver-backend-vllm-cuda-13.0, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
CVE-2026-54282 vulnerabilities
Vulnerabilities for packages: nemo, prefect, semgrep, airflow-core, mlflow-fips, prefect-fips, mlflow, tritonserver-backend-vllm-cuda-13.0, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
GHSA-JP82-JPQV-5VV3 vulnerabilities
Vulnerabilities for packages: nemo, prefect, semgrep, airflow-core, mlflow-fips, prefect-fips, mlflow, tritonserver-backend-vllm-cuda-13.0, litellm, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow...
GHSA-HPJ7-WQ8M-9HGP vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.4, awx, text-generation-inference, tritonserver-backend-vllm-cuda-13.0, airflow, request-1276, authentik, apache-beam-python-3.13-sdk, apache-beam-python-3.11-sdk, mlflow, dask-kubernetes-fips, tritonserver-backend-vllm-cuda-12.9, py3-vllm-cuda-13.0,...
GHSA-G3CQ-J2XW-WF74 vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.4, awx, text-generation-inference, tritonserver-backend-vllm-cuda-13.0, airflow, request-1276, authentik, apache-beam-python-3.13-sdk, apache-beam-python-3.11-sdk, mlflow, dask-kubernetes-fips, tritonserver-backend-vllm-cuda-12.9, py3-vllm-cuda-13.0,...
GHSA-4FVR-RGM6-GQMC vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.4, awx, text-generation-inference, tritonserver-backend-vllm-cuda-13.0, airflow, request-1276, authentik, apache-beam-python-3.13-sdk, apache-beam-python-3.11-sdk, mlflow, dask-kubernetes-fips, tritonserver-backend-vllm-cuda-12.9, py3-vllm-cuda-13.0,...
CVE-2026-54280 vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.4, awx, text-generation-inference, tritonserver-backend-vllm-cuda-13.0, airflow, request-1276, authentik, apache-beam-python-3.13-sdk, apache-beam-python-3.11-sdk, mlflow, dask-kubernetes-fips, tritonserver-backend-vllm-cuda-12.9, py3-vllm-cuda-13.0,...
CVE-2026-54277 vulnerabilities
Vulnerabilities for packages: py3-vllm-cuda-12.4, awx, text-generation-inference, tritonserver-backend-vllm-cuda-13.0, airflow, request-1276, authentik, apache-beam-python-3.13-sdk, apache-beam-python-3.11-sdk, mlflow, dask-kubernetes-fips, tritonserver-backend-vllm-cuda-12.9, py3-vllm-cuda-13.0,...