3 matches found
PT-2026-51172
Name of the Vulnerable Software and Affected Versions vLLM versions 0.10.2 through 0.12.x Description Multimodal embeddings processing lacks sparse tensor validation. Since PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests containing...
vLLM introduced enhanced protection for CVE-2025-62164
Summary The fix here for CVE-2025-62164 is not sufficient. The fix only disables prompt embeds by default rather than addressing the root cause, so the DoS vulnerability remains when the feature is enabled. Details vLLM's pending change attempts to fix the root cause, which is the missing sparse...
CVE-2025-62164
creationtimestamp| type| source ---|---|--- 2025-11-21 03:18:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m64d4stlz72s 2025-11-21 17:15:20+00:00| seen| https://bsky.app/profile/checkmarxzero.bsky.social/post/3m65rvmma7d2j 2025-11-24 03:39:31+00:00| seen|...