repository icon
vllm-project / vllm Project repository

A high-throughput and memory-efficient inference and serving engine for LLMs

Submit a report

FIRST INTERACTION

WITHIN13 DAYS

REVIEW

WITHIN21 DAYS

FIX

WITHINN/A DAYS

Automated Safety Guardrail Bypass in Llama-3.1-8b-Instruct (Malware Generation)
s05161497-sudo
not applicable
Unauthenticated Denial of Service via Elastic Endpoint Scaling API
hacnho
duplicate
High
Unauthenticated Arbitrary Worker Method Execution via collective_rpc API
hacnho
not applicable
WebSocket KeyError in AuthenticationMiddleware breaks `/v1/realtime` when API ke...
vitocrl
not applicable
Unauthenticated server-wide DoS via `/scale_elastic_ep` auth bypass
vitocrl
duplicate
High
Authentication Bypass on Non-/v1 Endpoints Enables Unauthenticated Inference and...
0xbassia
not applicable
RCE via ungated cloudpickle.loads() in run_method() bypasses VLLM_ALLOW_INSECURE...
nhomyk
not applicable
Pre-Auth RCE via Unauthenticated Pickle Deserialization in Distributed Communic...
appsecguardian-hash
not applicable
Unsafe deserialization via torch.load and pickle in vLLM model loading
etwithin
spam
LoRA Adapter rank=0 ZeroDivisionError DoS in PEFTHelper — Validation Bypass via...
apeiria-zero
self closed
vLLM Unsafe Pickle Deserialization in /update_weights Endpoint — Unauthenticated...
avienma007
not applicable
Authentication Bypass via /invocations Endpoint in vLLM — Unauthorized Model Inf...
nottiboy137
duplicate
Critical
Authentication Bypass for Non-/v1 Endpoints Exposes Tokenization and Server Conf...
shima-coder
duplicate
Medium
NaN/Infinity Validation Bypass in SamplingParams via OpenAI-Compatible API
drrose2029
not applicable
Denial of Service via Unauthenticated /scale_elastic_ep Endpoint Setting Global...
seory0
not applicable
Authentication Bypass via Path Prefix Check in AuthenticationMiddleware Allowing...
seory0
not applicable
Path Traversal in LoRA Adapter Loading API Allows File Existence Oracle
222n5
not applicable
Remote Code Execution (RCE) via auto_map Dynamic Module Loading bypassing trust_...
amadhan882
not applicable
Remote Code Execution via Insecure Deserialization (pickle.loads/cloudpickle.loa...
sermikr0
spam
Unhandled Memory Corruption Resulting in DDOS
kattraxler
pending
Remote code execution via transformers_utils/get_config
vancir
High
CVE-2026-4943
Remote code execution may occur through the calculate_expression tool helper in...
dev-mhyun
not applicable
Undocumented Automatic Fallback to Unsafe Model Loading Creates Silent RCE Risk
rudra2018
informative
High
vLLM Server Unsafe Deserialization Leads to Arbitrary Code Execution
racerz-fighting
not applicable
Remote Code Execution in Insecure Pickle Deserialization via recv_obj() in class...
seaw1nd
duplicate
Critical
vLLM Server Unsafe Deserialization Leads to Arbitrary Code Execution
avilum
informative
Critical
Remote Code Execution by Pickle Deserialization via MessageQueue.dequeue() Broad...
zpbrent
Critical
$1500CVE-2024-11041
"POST /v1/completions" and "POST /v1/embeddings" Denials of Service
rh-tguittet
High
$750CVE-2024-11040
vllm has Cloudpickle deserializes arbitrary command execution
hexian2001
duplicate
Critical
Remote Code Execution by Pickle Deserialization via AsyncEngineRPCServer() RPC s...
zpbrent
Critical
$1500CVE-2024-9053
Remote Code Execution by Pickle Deserialization via recv_object() distributed tr...
zpbrent
Critical
$1500CVE-2024-9052
Command Injection in nccl_integrity_check function
vanirxxx
informative
High
Malicious model to RCE by torch.load in hf_model_weights_iterator (as well as th...
dogewatch
informative
Critical