CVE-2026-34753— vLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-34753
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
vLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `
Source: NVD (National Vulnerability Database)
Vulnerability Description
vLLM is an inference and serving engine for large language models (LLMs). From 0.16.0 to before 0.19.0, a server-side request forgery (SSRF) vulnerability in download_bytes_from_url allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions. This can be used to target internal services (e.g. cloud metadata endpoints or internal HTTP APIs) reachable from the vLLM host. This vulnerability is fixed in 0.19.0.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
服务端请求伪造(SSRF)
Source: NVD (National Vulnerability Database)
Vulnerability Title
vLLM 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
vLLM是vLLM开源的一个适用于 LLM 的高吞吐量和内存高效推理和服务引擎。 vLLM 0.16.0至0.19.0之前版本存在代码问题漏洞,该漏洞源于download_bytes_from_url函数缺少URL验证,可能导致服务端请求伪造攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| vllm-project | vllm | >= 0.16.0, < 0.19.0 | - |
II. Public POCs for CVE-2026-34753
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-34753
请登录查看更多情报信息。
Same Patch Batch · vllm-project · 2026-04-06 · 3 CVEs total
| CVE-2026-34755 | 6.5 MEDIUM | vLLM Affected by Denial of Service via Unbounded Frame Count in video/jpeg Base64 Processi |
| CVE-2026-34756 | 6.5 MEDIUM | vLLM Affected by Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in Open |
IV. Related Vulnerabilities
Same product: vllm
- CVE-2026-7141
vllm KV Block kv_cache_interface.py has_mamba_layers uniniti - CVE-2026-34756
vLLM Affected by Unauthenticated OOM Denial of Service via U - CVE-2026-34755
vLLM Affected by Denial of Service via Unbounded Frame Count - CVE-2026-34760
vLLM: Downmix Implementation Differences as Attack Vectors A - CVE-2026-27893
vLLM's hardcoded trust_remote_code=True in NemotronVL and Ki
Same vendor: vllm-project
- CVE-2026-34756
vLLM Affected by Unauthenticated OOM Denial of Service via U - CVE-2026-34755
vLLM Affected by Denial of Service via Unbounded Frame Count - CVE-2026-34760
vLLM: Downmix Implementation Differences as Attack Vectors A - CVE-2026-27893
vLLM's hardcoded trust_remote_code=True in NemotronVL and Ki - CVE-2026-25960
SSRF Protection Bypass in vLLM
Same weakness: CWE-918
- CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-44313
LinkWarden: Server-Side Request Forgery (SSRF) in Link Creat - CVE-2026-42352
pygeoapi 0.23.x: Unauthenticated SSRF via OGC API - Processe - CVE-2026-42346
Postiz: TOCTOU DNS rebinding bypasses all SSRF URL validatio - CVE-2026-42339
New API: SSRF Filter Bypass via 0.0.0.0
V. Comments for CVE-2026-34753
No comments yet