CVE-2026-44222
vLLM is an inference and serving engine for large language models (LLMs). From 0.6.1 to before 0.20.0, there is a Token Injection vulnerability in vLLM's multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...
CVE-2026-22778
vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guess...
CVE-2025-6242
The CVE-2025-6242 SSRF vulnerability targets vLLM's MediaConnector (load_from_url/load_from_url_async), allowing user-supplied URLs to trigger server-side requests to internal resources. Concrete details: the issue arises from insufficient host restriction on media URL fetches, enabling potential a...
CVE-2025-6242 vLLM: Server-Side Request Forgery (SSRF) in MediaConnector
A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an...