CVE-2026-22778 vLLM leaks a heap address when PIL throws an error
vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guess...
CVE-2025-62426
vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, the /v1/chat/completions and /tokenize endpoints allow a chat_template_kwargs request parameter that is used in the code before it is properly validated against the chat template. With the...
EUVD-2025-25446
Malicious code in bioql PyPI...
CVE-2025-48956
A flaw was found in vLLM. A denial of service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large X-Forwarded-For header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does n...
PYSEC-2025-54
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8.0 up to but excluding 0.9.0, hitting the /v1/completions API with an invalid jsonschema as a Guided Param kills the vllm server. This vulnerability is similar to GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, but for regex...
Incomplete Comparison with Missing Factors
Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Incomplete Comparison with Missing Factors due to the implementation of image hashing in hasher.py. An attacker can achieve hash collisions and...
vLLM security vulnerability
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs from the vLLM open source project. A security vulnerability exists in vLLM that stems from a caching mechanism in the outlines library that could lead to a denial of service by running out of file system space...