📦 vLLM

by vLLM

⚠️ Known Vulnerabilities

CVE-2026-22778

CRITICAL CVSS 9.8 Feb 2, 2026

This vulnerability in vLLM allows attackers to leak heap memory addresses by sending invalid images to the multimodal endpoint, which reduces ASLR entropy and can be chained with a heap overflow in JP...

CVE-2025-47277

CRITICAL CVSS 9.8 May 20, 2025

This vulnerability in vLLM versions 0.6.5 through 0.8.4 exposes the TCPStore interface on ALL network interfaces instead of only the specified private interface when using PyNcclPipe KV cache transfer...

CVE-2025-32444

CRITICAL CVSS 10.0 Apr 30, 2025

This vulnerability allows remote code execution on vLLM instances using mooncake integration via insecure pickle deserialization over ZeroMQ sockets. Attackers can execute arbitrary code on affected s...

CVE-2024-11041

CRITICAL CVSS 9.8 Mar 20, 2025

CVE-2024-11041 is a critical remote code execution vulnerability in vLLM v0.6.2 where the MessageQueue.dequeue() function uses insecure pickle.loads() to deserialize network data. Attackers can send m...

CVE-2025-29783

CRITICAL CVSS 9.0 Mar 19, 2025

CVE-2025-29783 is a remote code execution vulnerability in vLLM when configured with Mooncake for distributed key-value storage. Attackers can exploit unsafe deserialization over ZMQ/TCP to execute ar...

CVE-2026-24779

HIGH CVSS 7.1 Jan 27, 2026

A Server-Side Request Forgery (SSRF) vulnerability in vLLM's MediaConnector class allows attackers to bypass host restrictions and make the server send requests to internal network resources. This aff...

CVE-2026-22807

HIGH CVSS 8.8 Jan 21, 2026

This vulnerability allows arbitrary code execution on vLLM servers during model loading. Attackers who can influence the model repository or path (local directory or remote Hugging Face repo) can exec...

CVE-2025-66448

HIGH CVSS 7.1 Dec 1, 2025

This vulnerability in vLLM allows remote code execution when loading model configurations containing auto_map entries. Attackers can create a seemingly benign repository that points to a malicious bac...

CVE-2025-62164

HIGH CVSS 8.8 Nov 21, 2025

A memory corruption vulnerability in vLLM's Completions API endpoint allows attackers to send malicious prompt embeddings that bypass bounds checks and trigger out-of-bounds memory writes. This can ca...

CVE-2025-30165

HIGH CVSS 8.0 May 6, 2025

This vulnerability allows remote code execution in multi-node vLLM deployments using the V0 engine. Attackers can exploit unsafe pickle deserialization in ZeroMQ communication to execute arbitrary cod...

CVE-2025-30202

HIGH CVSS 7.5 Apr 30, 2025

CVE-2025-30202 exposes vLLM's internal state data and enables denial of service attacks in multi-node deployments. The vulnerability allows unauthorized clients to connect to an exposed ZeroMQ XPUB so...

CVE-2025-24357

HIGH CVSS 7.5 Jan 27, 2025

This vulnerability in vLLM allows remote code execution when loading malicious model checkpoints from Hugging Face. Attackers can execute arbitrary code during unpickling when torch.load processes unt...

CVE-2026-22773

MEDIUM CVSS 6.5 Jan 10, 2026

This vulnerability allows remote attackers to crash vLLM servers running multimodal models with Idefics3 vision implementation by sending a specially crafted 1x1 pixel image. The tensor dimension mism...

CVE-2025-62372

MEDIUM CVSS 6.5 Nov 21, 2025

This vulnerability allows users to crash the vLLM inference engine by passing malformed multimodal embedding inputs with correct dimensionality but incorrect shape. It affects vLLM deployments serving...

CVE-2025-62426

MEDIUM CVSS 6.5 Nov 21, 2025

This vulnerability in vLLM allows attackers to send specially crafted requests to the /v1/chat/completions and /tokenize endpoints that can block API server processing for extended periods, causing de...

CVE-2025-48943

MEDIUM CVSS 6.5 May 30, 2025

This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in vLLM versions 0.8.0 through 0.9.0. Attackers can crash vLLM servers by providing malicious regex patterns when using ...

CVE-2025-46722

MEDIUM CVSS 4.2 May 29, 2025

This vulnerability in vLLM's image hashing function allows hash collisions where different-sized images with identical pixel data produce the same hash. This can cause incorrect cache hits, potentiall...

CVE-2025-29770

MEDIUM CVSS 6.5 Mar 19, 2025

This vulnerability in vLLM's outlines library cache allows denial of service attacks. A malicious user can send numerous short decoding requests with unique schemas, filling the local filesystem cache...