vllm
A high-throughput and memory-efficient inference and serving engine for LLMs
Security Advisories for vllm in pypi
High
16 days ago
vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class
pypi
vllm
Moderate
16 days ago
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
pypi
vllm
High
2 months ago
vLLM has remote code execution vulnerability in the tool call parser for Qwen3-Coder
pypi
vllm
Moderate
5 months ago
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
pypi
vllm
Low
5 months ago
Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching
pypi
vllm
Moderate
5 months ago
vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
pypi
vllm
Critical
5 months ago
vLLM Allows Remote Code Execution via PyNcclPipe Communication Service
pypi
vllm
High
6 months ago
Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
pypi
vllm
Moderate
6 months ago
phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of service
pypi
vllm
Critical
6 months ago
CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0
pypi
vllm
Critical
7 months ago
vLLM allows Remote Code Execution by Pickle Deserialization via AsyncEngineRPCServer() RPC server entrypoints
pypi
vllm
Critical
7 months ago
vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object
pypi
vllm
Low
9 months ago
vLLM uses Python 3.12 built-in hash() which leads to predictable hash collisions in prefix cache
pypi
vllm