3 matches found
vLLM Code Issue Vulnerability
vLLM is an open-source, high-throughput and memory-efficient inference and serving engine for LLMs. Versions of vLLM prior to 0.16.0 to 0.19.0 contained code vulnerabilities. These vulnerabilities stemmed from a lack of URL validation in the...
CVE-2025-46570 vLLM’s Chunk-Based Prefix Caching Vulnerable to Potential Timing Side-Channel
vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.9.0, when a new prompt is processed, if the PagedAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT (Time to First Token). These timing differences...
CVE-2025-25183
CVE-2025-25183 affects vLLM's prefix cache: malicious inputs can exploit the fact that Python 3.12's hash(None) is a predictable constant, enabling hash collisions in the prefix cache. This may allow cache entries created from one prompt to be reused for another, causing unintended behavior in re...