CVE-2025-48943
📋 TL;DR
This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in vLLM versions 0.8.0 through 0.9.0. Attackers can crash vLLM servers by providing malicious regex patterns when using structured output functionality. This affects anyone running vulnerable vLLM versions with structured output enabled.
💻 Affected Systems
- vLLM
📦 What is this software?
vLLM, by the vllm-project (github.com/vllm-project)
⚠️ Risk & Real-World Impact
Worst Case
Complete service disruption of vLLM inference endpoints, causing LLM services to become unavailable until server restart.
Likely Case
Targeted DoS attacks against vLLM deployments, causing intermittent service interruptions and requiring manual intervention.
If Mitigated
No impact if patched or structured output is disabled; minimal impact with proper input validation and rate limiting.
🎯 Exploit Status
Exploitation requires sending specially crafted regex patterns to structured output endpoints.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 0.9.0
Vendor Advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-9hcf-v7m4-6m2j
Restart Required: Yes
Instructions:
1. Update vLLM to version 0.9.0 or later using pip (quote the version spec so the shell does not treat `>=` as a redirection): pip install --upgrade "vllm>=0.9.0"
2. Restart all vLLM services
3. Verify the update with: python -c "import vllm; print(vllm.__version__)"
🔧 Temporary Workarounds
Disable structured output
Temporarily disable structured output functionality if not required
Modify vLLM configuration to disable structured output features
Input validation
Implement regex pattern validation before processing
Add input validation layer to reject complex regex patterns
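An added example, not vLLM's own code, of the input-validation layer described above: it screens a user-supplied pattern with CPython's regex parser before the pattern reaches the structured-output engine, refusing over-long patterns, invalid syntax, and nested "heavy" quantifiers such as (a+)+. The function names and the numeric limits are assumptions.

```python
"""Added example (not vLLM's own code): screen a user-supplied regex before it
reaches the structured-output engine, refusing shapes linked to catastrophic
backtracking. Relies on CPython's private regex parser; limits are assumed."""
import re

try:                                 # Python 3.11+ keeps the parser at re._parser
    from re import _parser as regex_parser
except ImportError:                  # Python <= 3.10
    import sre_parse as regex_parser

# Quantifier opcodes; POSSESSIVE_REPEAT exists only on Python 3.11+.
REPEAT_OPS = {getattr(regex_parser, n) for n in ("MAX_REPEAT", "MIN_REPEAT",
              "POSSESSIVE_REPEAT") if hasattr(regex_parser, n)}
MAX_PATTERN_LEN = 512     # assumed policy limits; tune per deployment
HEAVY_REPEAT_MAX = 10     # a quantifier whose upper bound exceeds this (or is unbounded) is "heavy"
MAX_HEAVY_NESTING = 1     # (a+)+ nests two heavy quantifiers and is refused

def _subpatterns(arg):
    """Yield every SubPattern nested inside an opcode argument."""
    if isinstance(arg, regex_parser.SubPattern):
        yield arg
    elif isinstance(arg, (tuple, list)):
        for item in arg:
            yield from _subpatterns(item)

def _heavy_nesting(tree):
    """Deepest stack of heavy quantifiers: (a+)+ -> 2, (x{1,3}y){3} -> 0."""
    depth = 0
    for op, arg in tree:
        child = max((_heavy_nesting(s) for s in _subpatterns(arg)), default=0)
        heavy = op in REPEAT_OPS and arg[1] > HEAVY_REPEAT_MAX   # MAXREPEAT is a huge int
        depth = max(depth, child + int(heavy))
    return depth

def validate_pattern(pattern):
    """Return (ok, reason); ok=False means refuse the request. Heuristic only:
    overlapping alternations such as (a|aa)+ slip through, so keep a per-request
    time budget in the serving layer as a second line of defence."""
    if len(pattern) > MAX_PATTERN_LEN:
        return False, "pattern too long"
    try:
        tree = regex_parser.parse(pattern)   # raises re.error on invalid syntax
    except re.error as exc:
        return False, f"invalid regex: {exc}"
    depth = _heavy_nesting(tree)
    if depth > MAX_HEAVY_NESTING:
        return False, f"nested quantifiers (depth {depth})"
    return True, "ok"
```

Call validate_pattern() on the regex field of each structured-output request and reject the request with a 4xx response when it returns False; the reason string is safe to log as a detection signal.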
🧯 If You Can't Patch
- Implement strict rate limiting on structured output endpoints
- Deploy WAF rules to block malicious regex patterns
🔍 How to Verify
Check if Vulnerable:
Check vLLM version: python -c "import vllm; print(vllm.__version__)" - if output is between 0.8.0 and 0.9.0 (exclusive), system is vulnerable.
Check Version:
python -c "import vllm; print(vllm.__version__)"
Verify Fix Applied:
After patching, verify version is 0.9.0 or higher and test structured output with known problematic regex patterns.
📡 Detection & Monitoring
Log Indicators:
- Server crashes or restarts
- High CPU usage spikes
- Error logs containing regex processing failures
- Structured output request timeouts
Network Indicators:
- Multiple failed structured output requests
- Abnormal request patterns to regex endpoints
- Increased error response rates
SIEM Query:
source="vllm.logs" AND ("crash" OR "timeout" OR "regex" OR "structured_output")