Known Vulnerabilities for Vllm by Vllm-project
Listed below are 10 of the newest known vulnerabilities associated with "Vllm" by "Vllm-project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56340 json | vLLM versions >= 0.10.2 and < 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorc... | Not Provided | 2026-06-20 | 2026-06-30 |
| CVE-2026-55646 json | vLLM is an inference and serving engine for large language models. From 0.22.0 to 0.23.0, the /v1/audio/transcriptions and /v... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-55574 json | vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structured_outputs... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-55514 json | vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-54236 json | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, whi... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-54235 json | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-54234 json | vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, a frontend-legal multi... | Not Provided | 2026-07-06 | 2026-07-07 |
| CVE-2026-54233 json | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-54232 json | vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable ... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-53923 json | vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of t... | Not Provided | 2026-06-22 | 2026-06-23 |