Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.8 views

CVE-2026-44222

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

7.5CVSS5.5AI score0.00414EPSS
Exploits1References1
NVD
NVD
added 2026/05/12 8:16 p.m.9 views

CVE-2026-44222

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

7.5CVSS0.00414EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/12 7:57 p.m.49 views

CVE-2026-44222 vLLM: Remote DoS via Special-Token Placeholders

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

6.5CVSS0.00414EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/12 7:57 p.m.11 views

CVE-2026-44222 vLLM: Remote DoS via Special-Token Placeholders

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

6.5CVSS5.8AI score0.00414EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:57 p.m.6 views

CVE-2026-44222

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

6.5CVSS5.8AI score0.00414EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/05/12 7:57 p.m.31 views

CVE-2026-44222

CVE-2026-44222 (vLLM) affects vLLM versions 0.6.1 through 0.19.x where a token-injection vulnerability in multimodal processing allows unauthenticated text prompts containing special tokens to be interpreted as control. When image/video placeholder sequences are provided without corresponding dat...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

vLLM 输入验证错误漏洞

vLLM is an open-source inference and service engine designed for LLM models, featuring high throughput and efficient memory usage. Versions of vLLM prior to 0.6.1 to 0.20.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from token injection issues during...

7.5CVSS5.8AI score0.00414EPSS
Exploits1References1
Rows per page
Query Builder