Lucene search
K

18 matches found

NVD
NVD
added 5 days ago9 views

CVE-2026-55514

vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is...

7.1CVSS0.0037EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-55514

vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is...

7.1CVSS6AI score0.0037EPSS
Exploits0References5Affected Software1
CVE
CVE
added 5 days ago8 views

CVE-2026-55514

CVE-2026-55514 affects the vLLM library (inference/serving) from versions 0.12.0 through older than 0.24.0. Sending a pure prompt embeds payload in a /v1/completions request for a model using M-RoPE triggers an EngineCore assertion, causing a fatal crash that shuts down the entire server applicat...

7.1CVSS6AI score0.0037EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-387 LiteLLM has Server-Side Template Injection vulnerability in /completions endpoint

BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hfchattemplate method processing the chattemplate parameter from the tokenizerconfig.json file through the Jinja template engine without proper sanitization...

9.8CVSS7.7AI score0.01256EPSS
Exploits1References9
CVE
CVE
added 2026/05/15 7:20 p.m.26 views

CVE-2026-45349

Open WebUI had a broken access control issue for the completions API ( /api/chat/completions ) allowing a user to continue another user’s conversation if they knew the other user’s Chat ID. This privacy/policy bypass could expose private conversations. The issue affects prior to version 0.9.0 and...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/14 8:24 p.m.8 views

GHSA-GFM2-XM6C-37QC Open WebUI has Broken Access Control for Completions API

Summary Any user X can continue the conversation of any other user Y, as long as the Chat ID of Y is known. User X does not even need to be an admin to do so. Details A user just needs to use the API endpoint: /api/chat/completions with their own API key generated in OWUI and the Chat ID of anoth...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/06 5:23 p.m.10 views

QuantumNous/new-api has an SSRF Filter Bypass via 0.0.0.0

SSRF Filter Bypass via 0.0.0.0 Summary The SSRF protection introduced in v0.9.0.5 CVE-2025-59146 and hardened in v0.9.6 CVE-2025-62155 does not block the unspecified address 0.0.0.0. A regular non-admin user holding any valid API token can send a multimodal request to /v1/chat/completions,...

7.1CVSS7.2AI score0.00258EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/25 7:7 a.m.12 views

CVE-2025-62426

A vulnerability in vLLM allows an authenticated user to trigger unintended tokenization during chat template processing by supplying crafted chattemplatekwargs to the /v1/chat/completions or /tokenize endpoints. By forcing the server to tokenize very large inputs, an attacker can block the API...

6.5CVSS6.4AI score0.00326EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/11/21 1:18 a.m.16 views

CVE-2025-62164 VLLM deserialization vulnerability leading to DoS and potential RCE

vLLM is an inference and serving engine for large language models LLMs. From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability could lead to a crash denial-of-service and potentially remote code execution RCE, exists in the Completions API endpoint. When processing user-supplied...

8.8CVSS0.00849EPSS
Exploits0References3
OSV
OSV
added 2025/11/21 1:18 a.m.3 views

CVE-2025-62164 VLLM deserialization vulnerability leading to DoS and potential RCE

vLLM is an inference and serving engine for large language models LLMs. From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability could lead to a crash denial-of-service and potentially remote code execution RCE, exists in the Completions API endpoint. When processing user-supplied...

8.8CVSS8.1AI score0.00849EPSS
Exploits0References5
OSV
OSV
added 2025/11/20 8:59 p.m.1 views

GHSA-MRW7-HF4F-83PF vLLM deserialization vulnerability leading to DoS and potential RCE

Summary A memory corruption vulnerability that leading to a crash denial-of-service and potentially remote code execution RCE exists in vLLM versions 0.10.2 and later, in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using...

8.8CVSS6.5AI score0.00849EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.3 views

PT-2025-47648

Name of the Vulnerable Software and Affected Versions vLLM versions 0.10.2 through 0.11.0 Description vLLM is an inference and serving engine for large language models LLMs. A memory corruption issue exists in the Completions API endpoint, specifically when processing user-supplied prompt...

9CVSS7.9AI score0.00849EPSS
Exploits0References29
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1088

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01256EPSS
Exploits1References8
Snyk
Snyk
added 2025/07/08 2:44 a.m.3 views

SQL Injection

Overview airda is an airda Affected versions of this package are vulnerable to SQL Injection via the execute function in the /v1/chat/completions file when processing the question argument. An attacker can access or modify sensitive data, or disrupt application functionality by sending crafted...

6.5CVSS7.9AI score0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.5 views

vLLM 安全漏洞

vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. A security vulnerability exists in vLLM versions prior to 0.8.0 through 0.9.0, which stems from the use of an invalid jsonschema call to the /v1/completions API that could cause the serv...

6.5CVSS6.3AI score0.00453EPSS
Exploits1References5
OSV
OSV
added 2024/09/17 6:33 p.m.1 views

GHSA-W2R7-9579-27HF vLLM denial of service vulnerability

A flaw was found in the vLLM library. A completions API request with an empty prompt will crash the vLLM API server, resulting in a denial of service...

8.7CVSS5.8AI score0.00676EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/04/10 5:7 p.m.26 views

CVE-2024-2952 Server-Side Template Injection in BerriAI/litellm

BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hfchattemplate method processing the chattemplate parameter from the tokenizerconfig.json file through the Jinja template engine without proper sanitization...

9.8CVSS10AI score0.01256EPSS
Exploits1References2
CVE
CVE
added 2024/04/10 5:7 p.m.123 views

CVE-2024-2952

CVE-2024-2952 affects BerriAI/litellm. The vulnerability is an SSTI in the /completions endpoint: the hf_chat_template method processes the chat_template parameter from tokenizer_config.json using the Jinja template engine without proper sanitization, enabling attackers to craft malicious tokeniz...

9.8CVSS9.8AI score0.01256EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder