-
-
Notifications
You must be signed in to change notification settings - Fork 7.7k
Security: vllm-project/vllm
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
DoS via Malformed pattern and type Fields in vLLM Tool SchemaGHSA-vrq3-r879-7m65 published
May 28, 2025 by russellbModerate -
Remote Code Execution via PyNcclPipe Communication ServiceGHSA-hjq4-87xh-g4fv published
May 20, 2025 by russellbCritical -
A series of simple Redos in vllm.GHSA-j828-28rj-hfhp published
May 28, 2025 by russellbModerate -
clients can crash the openai server with invalid regexGHSA-9hcf-v7m4-6m2j published
May 28, 2025 by russellbModerate -
Weakness in MultiModalHasher Image/video Hashing Implementation in vLLMGHSA-c65p-x677-fgj6 published
May 28, 2025 by russellbModerate -
Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`GHSA-w6q7-j642-7c25 published
May 28, 2025 by russellbModerate -
phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of serviceGHSA-vc6m-hm49-g9qg published
Apr 29, 2025 by russellbModerate -
Remote Code Execution via Mooncake IntegrationGHSA-hj4w-hm2g-p6w5 published
Apr 29, 2025 by russellbCritical -
DOS: Remotely kill vllm over http with invalid JSON schemaGHSA-6qc9-v4r8-22xg published
May 28, 2025 by russellbModerate -
Denial of Service via ZeroMQ on Multi-node vLLM DeploymentGHSA-9f8f-2vmf-885j published
Apr 29, 2025 by russellbHigh
