CVE-2025-59425
Published 2025-10-07
Priority: P3 · Severity: high · CVSS 3.1 base score: 7.5
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.54% (41.2nd percentile)
vLLM is an inference and serving engine for large language models (LLMs). Before version 0.11.0rc2, the API key support in vLLM performs validation using a method that was vulnerable to a timing attack. API key validation uses a string comparison that takes longer the more characters the provided API key gets correct. Data analysis across many attempts could allow an attacker to determine when it finds the next correct character in the key sequence. Deployments relying on vLLM's built-in API key validation are vulnerable to authentication bypass using this technique. Version 0.11.0rc2 fixes the issue.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vllm-project | vllm | < 0.11.0rc2 | 0.11.0rc2 |
| vllm | vllm | < 0.11.0 | 0.11.0 |
| vllm | vllm | — | — |
| vllm | vllm | >= 0 < 0.11.0 | 0.11.0 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| vendor_redhat | — | 7.5 | HIGH | — |
OSV
vLLM is vulnerable to timing attack at bearer auth
osv · 2025-10-07 · CVE-2025-59425 · HIGH
### Summary
The API key support in vLLM performed validation using a method that was vulnerable to a timing attack. This could potentially allow an attacker to discover a valid API key using an approach more efficient than brute force.
### Details
https://github.com/vllm-project/vllm/blob/4b946d693e0af15740e9ca9c0e059d5f333b1083/vllm/entrypoints/openai/api_server.py#L1270-L1274
API key validation used a string comparison that will take longer the more characters the provided API key gets correct. Data analysis across many attempts can allow an attacker to determine when it finds the next correct character in the key sequence.
### Impact
Deployments relying on vLLM's built-in API key validation are vulnerable to authentication bypass using this technique.
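As an added illustration of the flaw and its fix (example code, not vLLM's own): `early_exit_compare` models the plain string comparison the advisory describes and reports how many characters it examined before stopping, while `constant_time_check` and `authorize` show the hardened path using `hmac.compare_digest`. The key value and the `Bearer` header parsing are constructed for this example.

```python
import hmac
from typing import List, Optional, Tuple

# Constructed sample key for the example; a real server loads its own from config.
EXPECTED_KEY = "sk-example-0123456789abcdef"


def early_exit_compare(provided: str, expected: str) -> Tuple[bool, int]:
    """Model of a plain string comparison that stops at the first mismatch.

    Returns (equal, characters_examined). The work done grows with the length
    of the correct prefix; that variation is what leaks through response timing
    in CVE-2025-59425.
    """
    if len(provided) != len(expected):
        return False, 0
    examined = 0
    for a, b in zip(provided, expected):
        examined += 1
        if a != b:
            return False, examined
    return True, examined


def constant_time_check(provided: str, expected: str) -> bool:
    """Hardened comparison: hmac.compare_digest takes the same time regardless
    of where the inputs differ, so no prefix information is observable."""
    return hmac.compare_digest(provided.encode(), expected.encode())


def authorize(header_value: Optional[str], expected: str = EXPECTED_KEY) -> bool:
    """Bearer-header check: parse 'Bearer <token>' and compare in constant time.
    Missing or malformed headers are rejected without touching the secret."""
    if header_value is None:
        return False
    scheme, _, token = header_value.partition(" ")
    if scheme != "Bearer" or not token:
        return False
    return constant_time_check(token, expected)


def work_profile(expected: str = EXPECTED_KEY) -> List[int]:
    """Characters examined by early_exit_compare for guesses sharing 0, 1, 2, ...
    correct leading characters. The result increases by one per correct
    character, which is the signal a constant-time comparison removes."""
    profile = []
    for k in range(len(expected)):
        wrong = "X" if expected[k] != "X" else "Y"  # force a mismatch at k
        guess = expected[:k] + wrong + expected[k + 1:]
        profile.append(early_exit_compare(guess, expected)[1])
    return profile
```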
GHSA
vLLM is vulnerable to timing attack at bearer auth
ghsa · 2025-10-07 · CVE-2025-59425 · HIGH · CWE-385
Red Hat
vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass
vendor_redhat · 2025-10-07 · CVE-2025-59425 · CVSS 7.5 · HIGH · CWE-208
A flaw was found in vLLM’s API token authentication logic, where token comparisons were not performed in
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://github.com/vllm-project/vllm/blob/4b946d693e0af15740e9ca9c0e059d5f333b1083/vllm/entrypoints/openai/api_server.py#L1270-L1274
- https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48
- https://github.com/vllm-project/vllm/releases/tag/v0.11.0
- https://github.com/vllm-project/vllm/security/advisories/GHSA-wr9h-g72x-mwhm