CVE-2025-48944 — Improper Input Validation in Vllm

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.3%

top 45.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vllm Vllm-project Vllm

Timeline

PublishedMay 30

Description

vLLM is an inference and serving engine for large language models (LLMs). In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality is invoked. These inputs are not validated before being compiled or parsed, causing a crash of the inference worker with a single request. The worker will remain down until it is restarted. Version 0.9…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶NVDvllm/vllm0.8.0 — 0.9.0

▶PyPIvllm/vllm0.8.0 — 0.9.0

▶CVEListV5vllm-project/vllm>= 0.8.0, < 0.9.0

🔴Vulnerability Details

OSV

vLLM Tool Schema allows DoS via Malformed pattern and type Fields↗2025-05-28

▶

GHSA

vLLM Tool Schema allows DoS via Malformed pattern and type Fields↗2025-05-28

▶

📋Vendor Advisories

Red Hat

vllm: vLLM Tool Schema denial of service↗2025-05-30

▶