AI Threat Alert
vLLM
pip LLM Inference74
Total CVEs
20
Critical
pip
Ecosystem
Mar 27, 2026
Last CVE
Known Vulnerabilities (30+ shown)
Severity CVE ID Summary CVSS Published
HIGH CVE-2026-27893 vLLM: trust_remote_code bypass enables RCE 8.8 Mar 27, 2026 CRITICAL CVE-2024-9052 vLLM: RCE via pickle deserialization in distributed API 9.8 Mar 20, 2025 MEDIUM GHSA-hf3c-wxg2-49q9 vLLM: DoS via unbounded XGrammar schema cache 6.5 Apr 15, 2025 CRITICAL GHSA-ggpf-24jw-3fcw vLLM: RCE via malicious model, PyTorch < 2.6 bypass 9.8 Apr 23, 2025 MEDIUM GHSA-j828-28rj-hfhp vllm: ReDoS in inference endpoints enables DoS 4.3 May 28, 2025 HIGH CVE-2025-9141 vLLM: RCE via eval() in Qwen3 Coder tool parser 8.8 Aug 21, 2025 MEDIUM CVE-2025-61620 vllm: DoS via Jinja template injection in chat API 6.5 Oct 7, 2025 HIGH GHSA-mcmc-2m55-j8jj vllm: Input Validation flaw enables exploitation 8.8 Jan 8, 2026 CRITICAL CVE-2026-25960 vllm: SSRF allows internal network access 9.8 Mar 9, 2026 CRITICAL CVE-2026-25960 vllm: SSRF allows internal network access 9.8 Mar 9, 2026 CRITICAL CVE-2026-25960 vllm: SSRF allows internal network access 9.8 Mar 9, 2026 CRITICAL CVE-2026-25960 vllm: SSRF allows internal network access 9.8 Mar 9, 2026 CRITICAL CVE-2026-22778 vllm: security flaw enables exploitation 9.8 Feb 2, 2026 CRITICAL CVE-2026-22778 vllm: security flaw enables exploitation 9.8 Feb 2, 2026 HIGH CVE-2026-24779 vllm: SSRF allows internal network access 7.1 Jan 27, 2026 HIGH CVE-2026-24779 vllm: SSRF allows internal network access 7.1 Jan 27, 2026 CRITICAL CVE-2026-22807 vllm: Code Injection enables RCE 9.8 Jan 21, 2026 CRITICAL CVE-2026-22807 vllm: Code Injection enables RCE 9.8 Jan 21, 2026 HIGH CVE-2026-22773 vllm: Resource Exhaustion enables DoS 7.5 Jan 10, 2026 HIGH CVE-2026-22773 vllm: Resource Exhaustion enables DoS 7.5 Jan 10, 2026 HIGH CVE-2025-66448 vllm: Code Injection enables RCE 8.8 Dec 1, 2025 HIGH CVE-2025-66448 vllm: Code Injection enables RCE 8.8 Dec 1, 2025 MEDIUM CVE-2025-62426 vllm: Resource Exhaustion enables DoS 6.5 Nov 21, 2025 MEDIUM CVE-2025-62426 vllm: Resource Exhaustion enables DoS 6.5 Nov 21, 2025 MEDIUM CVE-2025-62426 vllm: Resource Exhaustion enables DoS 6.5 Nov 21, 2025 MEDIUM CVE-2025-62426 vllm: Resource Exhaustion enables DoS 6.5 Nov 21, 2025 MEDIUM CVE-2025-62372 vllm: security flaw enables exploitation 6.5 Nov 21, 2025 MEDIUM CVE-2025-62372 vllm: security flaw enables exploitation 6.5 Nov 21, 2025 MEDIUM CVE-2025-62372 vllm: security flaw enables exploitation 6.5 Nov 21, 2025 MEDIUM CVE-2025-62372 vllm: security flaw enables exploitation 6.5 Nov 21, 2025 Monitor vLLM in your stack
Get instant alerts when new vulnerabilities affect vLLM. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring