Lucene search
+L

4 matches found

CVE
CVE
added 2026/05/12 7:57 p.m.31 views

CVE-2026-44222

CVE-2026-44222 (vLLM) affects vLLM versions 0.6.1 through 0.19.x where a token-injection vulnerability in multimodal processing allows unauthenticated text prompts containing special tokens to be interpreted as control. When image/video placeholder sequences are provided without corresponding dat...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/05/12 7:57 p.m.4 views

CVE-2026-44222 vLLM: Remote DoS via Special-Token Placeholders

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

6.5CVSS6AI score0.00414EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/04/06 12:0 a.m.30 views

Amazon Linux 2 : flatpak (ALAS-2021-1625)

The version of flatpak installed on the remote host is prior to 1.0.9-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1625 advisory. A sandbox escape flaw was found in the way flatpak handled special tokens in .desktop files. This flaw allows an attacker to gain...

8.2CVSS7.2AI score0.01546EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/03/11 12:0 a.m.25 views

CVE-2021-21381 Sandbox escape via special tokens in .desktop file

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a vulnerability in the "file forwarding" feature which can be used by an attacker to gain access to files that would not ordinarily be...

7.1CVSS8.3AI score0.01546EPSS
Exploits0References10
Rows per page
Query Builder