Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| vllm-project | vllm | >= 0.5.5, < 0.23.1rc0 | - |
| # | POC Description | Source Link | Shenlong Link |
|---|
No public POC found.
Login to generate AI POC| CVE-2026-48746 | 9.1 CRITICAL | vLLM: OpenAI auth bypass |
| CVE-2026-54232 | 8.8 HIGH | vLLM: Dependency Confusion Vulnerability in vLLM Dockerfile |
| CVE-2026-41523 | 7.5 HIGH | vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arb |
| CVE-2026-47155 | 6.5 MEDIUM | vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, |
| CVE-2026-54233 | 6.5 MEDIUM | vLLM: OOM Denial of Service via Audio Decompression Bomb |
| CVE-2026-54236 | 5.3 MEDIUM | vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router |
| CVE-2026-54235 | vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kern |
No comments yet