Lucene search
K

625 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-43310

A flaw was found in the vllm-orchestrator-gateway component. The system's production binary logs all incoming authorization headers and full chat payloads, which may contain personally identifiable information PII and secrets, to persistent logs. This sensitive data, including bearer tokens and...

7.5CVSS6AI score0.00259EPSS
Exploits0References3
NVD
NVD
added yesterday4 views

CVE-2026-15574

A flaw was found in the vllm-orchestrator-gateway component. The system's production binary logs all incoming authorization headers and full chat payloads, which may contain personally identifiable information PII and secrets, to persistent logs. This sensitive data, including bearer tokens and...

7.5CVSS0.00259EPSS
Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-15574

The CVE-2026-15574 issue affects the vllm-orchestrator-gateway component, where the production binary logs incoming authorization headers and full chat payloads, potentially exposing PII, secrets, bearer tokens, and conversation content. This data exposure arises from a hard-coded debug/default l...

7.5CVSS6AI score0.00259EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added yesterday7 views

CVE-2026-15574

A flaw was found in the vllm-orchestrator-gateway component. The system's production binary logs all incoming authorization headers and full chat payloads, which may contain personally identifiable information PII and secrets, to persistent logs. This sensitive data, including bearer tokens and...

7.5CVSS6AI score0.00259EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday7 views

vLLM <= 0.23.0 - Anthropic Router Heap Address Information Leak

vLLM = 0.23.0 incompletely fixes CVE-2026-22778. The original fix added sanitizemessage to the OpenAI router but the Anthropic-compatible router /v1/messages echoes strexc directly. id: CVE-2026-54236 info: name: vLLM = 0.23.0 - Anthropic Router Heap Address Information Leak author: kenlacroix...

9.8CVSS6.7AI score0.03816EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 6 days ago4 views

CVE-2026-54234

A flaw was found in vLLM, a high-throughput and memory-efficient inference and serving engine for Large Language Models LLMs. A remote attacker can exploit this vulnerability by sending a specially crafted multi-request speculative decoding workload through public gRPC Generate and Abort endpoint...

7.5CVSS5.9AI score0.00343EPSS
Exploits1References6
NVD
NVD
added 2026/07/06 9:16 p.m.10 views

CVE-2026-55514

vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is...

7.1CVSS0.0037EPSS
Exploits0References4
NVD
NVD
added 2026/07/06 9:16 p.m.8 views

CVE-2026-54234

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, a frontend-legal multi-request speculative decoding workload can cause the rejection sampler to produce a recovered token equal to the model vocabulary size boundary value, which is then convert...

7.5CVSS0.00343EPSS
Exploits1References3
NVD
NVD
added 2026/07/06 8:16 p.m.6 views

CVE-2026-55646

vLLM is an inference and serving engine for large language models. From 0.22.0 to 0.23.0, the /v1/audio/transcriptions and /v1/audio/translations routes call request.file.read to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLMMAXAUDIOCLIPFILESIZEMB...

6.5CVSS0.00289EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:7 p.m.5 views

CVE-2026-55514

vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is...

7.1CVSS6AI score0.0037EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/07/06 8:7 p.m.12 views

CVE-2026-55514

CVE-2026-55514 affects the vLLM library (inference/serving) from versions 0.12.0 through older than 0.24.0. Sending a pure prompt embeds payload in a /v1/completions request for a model using M-RoPE triggers an EngineCore assertion, causing a fatal crash that shuts down the entire server applicat...

7.1CVSS6AI score0.0037EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/07/06 7:49 p.m.11 views

CVE-2026-54234

CVE-2026-54234 affects vLLM prior to version 0.24.0. A frontend multi-request speculative decoding path could cause the rejection sampler to produce a recovered token equal to the model vocabulary size boundary value, which becomes negative one when the next live token is selected. This out-of-vo...

7.5CVSS6AI score0.00343EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/07/06 7:49 p.m.35 views

CVE-2026-54234 vLLM: Remote DoS in vLLM via Invalid Recovered Token Reinjection

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, a frontend-legal multi-request speculative decoding workload can cause the rejection sampler to produce a recovered token equal to the model vocabulary size boundary value, which is then convert...

7.5CVSS0.00343EPSS
Exploits1References3
OSV
OSV
added 2026/07/06 7:41 p.m.3 views

CVE-2026-55646 vLLM speech-to-text endpoints allocate full upload before enforcing the audio file-size limit

vLLM is an inference and serving engine for large language models. From 0.22.0 to 0.23.0, the /v1/audio/transcriptions and /v1/audio/translations routes call request.file.read to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLMMAXAUDIOCLIPFILESIZEMB...

6.5CVSS6AI score0.00289EPSS
Exploits0References5
CVE
CVE
added 2026/07/06 7:41 p.m.15 views

CVE-2026-55646

CVE-2026-55646 (vLLM) affects vLLM versions 0.22.0–0.23.0. The routes /v1/audio/transcriptions and /v1/audio/translations call request.file.read() to fully materialize an uploaded audio file before enforcing the documented size limit (default 25 MB). This can cause the server to allocate memory p...

6.5CVSS6AI score0.00289EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-56000

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.24.0 Description The structured outputs.regex API parameter allows user-supplied regular expression strings to be passed to grammar compiler backends without a compilation timeout. In the xgrammar backend, the string i...

8.7CVSS6AI score0.00324EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.15 views

PT-2026-55999

Name of the Vulnerable Software and Affected Versions vLLM versions 0.12.0 through 0.23.x Description A flaw in the EngineCore of the library occurs when a remote authorized user sends a pure prompt embeds payload to the '/v1/completions' endpoint using a model that implements M-RoPE Multimodal...

7.1CVSS6.1AI score0.0037EPSS
Exploits0References8
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.15 views

CVE-2026-4372 vulnerabilities

Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, text-generation-inference...

7.8CVSS7AI score0.00479EPSS
Exploits1
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.15 views

GHSA-29PF-2H5F-8G72 vulnerabilities

Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, text-generation-inference...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 2:17 a.m.11 views

CVE-2026-54233 vulnerabilities

Vulnerabilities for packages: vllm-cuda-13.2, vllm-openai-cuda-13.0...

6.5CVSS6.1AI score0.00243EPSS
Exploits0
Rows per page
Query Builder