Lucene search
K

236 matches found

Nuclei
Nuclei
added 10 hours ago12 views

vLLM 0.8.3 - 0.14.0 - Information Disclosure

vLLM 0.8.3 to - 0.14.1 contains an information disclosure caused by leaking a heap address in error messages from the multimodal endpoint when processing invalid images, letting remote attackers reduce ASLR entropy, exploit requires sending invalid images. id: CVE-2026-22778 info: name: vLLM 0.8....

9.8CVSS6.7AI score0.03816EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-539 SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker

SGLang's multimodal generation module is vulnerable to unauthenticated remote code execution through the ZMQ broker, which deserializes untrusted data using pickle.loads without authentication...

9.8CVSS7.4AI score0.01534EPSS
Exploits1References9
NVD
NVD
added 2026/06/20 7:16 p.m.24 views

CVE-2026-56340

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

8.8CVSS0.00352EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/20 6:27 p.m.20 views

CVE-2026-56340 vLLM - Denial of Service via Unvalidated Multimodal Embeddings

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

8.8CVSS0.00352EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/20 6:27 p.m.6 views

CVE-2026-56340 vLLM - Denial of Service via Unvalidated Multimodal Embeddings

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/20 6:27 p.m.10 views

CVE-2026-56340

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/20 6:27 p.m.50 views

CVE-2026-56340

vLLM versions >= 0.10.2 and

8.8CVSS5.9AI score0.00352EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.21 views

PT-2026-51172

Name of the Vulnerable Software and Affected Versions vLLM versions 0.10.2 through 0.12.x Description Multimodal embeddings processing lacks sparse tensor validation. Since PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests containing...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.10 views

MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents

External memory has become a core component of modern web agents, enabling long-horizon reasoning through the retrieval of past experiences. However, this paradigm introduces a critical vulnerability: malicious content injected into memory can be persistently recalled and repeatedly influence age...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.8 views

Unveiling Privacy Risks in Multi-Modal Large Language Models: Task-Specific Vulnerabilities and Mitigation Challenges

Privacy risks in text-only Large Language Models LLMs are well studied, particularly their tendency to memorize and leak sensitive information. However, Multi-modal Large Language Models MLLMs, which process both text and images, introduce unique privacy challenges that remain underexplored...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10800

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS4.8AI score0.00075EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.8 views

CVE-2026-44222

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

7.5CVSS5.5AI score0.00414EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/04 9:45 a.m.12 views

EUVD-2026-34239

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS5.2AI score0.00075EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/04 9:45 a.m.9 views

CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS5.2AI score0.00075EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/04 9:45 a.m.45 views

CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS0.00075EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46167

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A hig...

3.6CVSS5.2AI score0.00075EPSS
Exploits0References9
Snyk
Snyk
added 2026/05/18 12:31 p.m.10 views

Deserialization of Untrusted Data

Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the ROUTER socket which binds to 0.0.0.0 by default and deserializes incoming messages using...

9.8CVSS6.1AI score0.00399EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 12:31 p.m.8 views

Directory Traversal

Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Directory Traversal via the upload filename parameter in specific endpoints. An unauthenticated attacker can overwrite or create...

9.1CVSS6.3AI score0.00386EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 12:31 p.m.7 views

GHSA-QWRP-WGHP-94Q2 SGLang's multimodal generation runtime has an unauthenticated path traversal vulnerability

SGLang's multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints...

9.1CVSS5.9AI score0.00386EPSS
Exploits0References4
OSV
OSV
added 2026/05/18 12:31 p.m.9 views

GHSA-GWV6-PQ6M-P3RQ SGLanG: Multimodal scheduler deserializes untrusted pickle data on 0.0.0.0 ROUTER socket

SGLang's multimodal generation runtime scheduler's ROUTER socket binds to 0.0.0.0 by default and contains a sink that calls pickle.loads on incoming messages, enabling RCE when exposed to the internet...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References4
Rows per page
Query Builder