CVE-2026-7141 vulnerabilities

Vulnerabilities for packages: tritonserver-backend-vllm-cuda-13.0...

ado-vllm-performance (>=1.2.2 <=1.3.3), agentclinic (=0.1.0) +37 more potentially affected by CVE-2026-7141 via vllm (>=0.10.0 <=0.19.0)

vllm PYPI version =0.10.0, =1.2.2, =0.0.0, =2.3.5, =0.2.0, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.0, =0.3.9, =0.5.2, =0.1.0, =0.1.5, =0.2.0 - gfmrag =2.0.0 and more Source cves: CVE-2026-7141 Source advisory: OSV:GHSA-X368-4G9H-FVV4...

aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2026-7141 via vllm (>=0.10.0 <=0.9.2)

vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2026-7141 Source advisory: SNYK:PYTHON-VLLM-16316415...

CVE-2026-7141 vllm KV Block kv_cache_interface.py has_mamba_layers uninitialized resource

A vulnerability was found in vllm up to 0.19.0. The affected element is the function hasmambalayers of the file vllm/v1/kvcacheinterface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is...