In vLLM versions 0.18.0 to before 0.20.0 a medium severity vulnerability CVE-2026-44223 was detected. This vulnerability allows an attacker to cause a Denial of Service (DoS) condition by crashing the server. This occurs because the extract_hidden_states speculative decoding proposer returns a tensor with an incorrect shape after the first decode step when a request in the batch includes sampling penalty parameters (such as repetition_penalty). This shape mismatch triggers a RuntimeError that immediately crashes the EngineCore process. To address this issue, users should upgrade vLLM to version 0.20.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-44223.
In vLLM version 0.19.0 a medium severity vulnerability CVE-2026-9540 was detected. This vulnerability allows a remote attacker to cause a Denial of Service (DoS). This occurs due to a flaw in the OpenAI-compatible Serving Path component when processing certain manipulated data. An exploit for this issue is publicly available. There’s no fix available for this issue at the moment. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-9540.
In JupyterLab versions 4.0.0 through 4.5.6 a high severity vulnerability CVE-2026-42266 was detected. This vulnerability allows an attacker to install malicious third-party extensions via a POST request. This occurs because the allow-list for the PyPI Extension Manager (allowed_extensions_uris) is not correctly enforced, allowing packages outside the default PyPI index to be installed. To address this issue, users should upgrade JupyterLab to version 4.5.7. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-42266.
In vLLM versions up to 0.19.0 a medium severity vulnerability CVE-2026-7141 was detected. This vulnerability allows attackers to trigger use of an uninitialized resource by manipulating the has_mamba_layers function in the KV cache interface, potentially leading to unexpected behavior. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-7141.
In Qdrant versions from 1.9.3 to before 1.16.0 a high severity vulnerability CVE-2026-25628 was detected. This vulnerability allows attackers with minimal (read-only) privileges to append data to arbitrary files via the `/logger` endpoint by controlling the `on_disk.log_file` path, potentially leading to further system compromise. To address this issue, users should upgrade Qdrant to version 1.16.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-25628.
In vLLM versions from 0.6.4 to before 0.12.0 a medium severity vulnerability CVE-2026-22773 was detected. This vulnerability allows attackers to crash the vLLM inference engine by sending a specially crafted 1×1 pixel image to multimodal models using the Idefics3 vision implementation, triggering a tensor dimension mismatch and an unhandled runtime error that terminates the server. To address this issue, users should upgrade vLLM to version 0.12.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2026-22773.
In vLLM versions prior to 0.11.1 a high severity vulnerability CVE-2025-66448 was detected. This vulnerability allows attackers to achieve remote code execution by abusing the auto_map field in model configuration files: vLLM fetches and executes Python code from a remote repository even when trust_remote_code=False is set, so an attacker who publishes a crafted model repository can execute arbitrary malicious code on the host. To address this issue, users should upgrade vLLM to version 0.11.1 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-66448.
In PyTorch version 2.6.0+cu124 a medium severity vulnerability CVE-2025-4287 was detected. This vulnerability affects the torch.cuda.nccl.reduce function in the torch/cuda/nccl.py file and may lead to denial of service. The issue can be exploited locally, and details of the exploit have been publicly disclosed. To address this issue, users must apply the patch. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-4287.
In PyTorch version 2.5.1 and prior a critical severity vulnerability CVE-2025-32434 was detected. This vulnerability allows remote command execution (RCE) when loading a model. To address this issue users must upgrade to version 2.6.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-32434.