EUVD-2026-32979

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

PT-2026-44487

vllm-project/vllm version 0.14.1 contains a vulnerability where the trust remote code=True parameter is hardcoded in two model implementation files vllm/model executor/models/nemotron vl.py and vllm/model executor/models/kimi k25.py. This bypasses the user's explicit --trust-remote-code=False...