CVE-2026-54235
Published 2026-06-22. CVE-2026-54235: vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, all temperature validation gates use comparison operators…
Priority: P334 · Severity: medium · CVSS 3.1 base score: 6.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0.26%
17.4th percentile
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, all temperature validation gates use plain comparison operators, which silently evaluate to False for NaN and for positive Infinity under Python's IEEE 754 float semantics. Both values pass every guard and propagate to the GPU sampling kernels, where they produce undefined behavior or CUDA errors that can crash the inference worker (negative Infinity is rejected by the existing non-negativity check). This vulnerability is fixed in 0.23.1rc0.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rhaii | vllm-cpu-rhel9 | — | — |
| rhaii | vllm-cuda-rhel9 | — | — |
| rhaii | vllm-gaudi-rhel9 | — | — |
| rhaii | vllm-neuron-rhel9 | — | — |
| rhaii | vllm-rocm-rhel9 | — | — |
| rhaii | vllm-spyre-rhel9 | — | — |
| rhaii | vllm-tpu-rhel9 | — | — |
| rhaiis | vllm-cpu-rhel9 | — | — |
| rhaiis | vllm-cuda-rhel9 | — | — |
| rhaiis | vllm-neuron-rhel9 | — | — |
| rhaiis | vllm-rocm-rhel9 | — | — |
| rhaiis | vllm-spyre-rhel9 | — | — |
| rhaiis | vllm-tpu-rhel9 | — | — |
| rhelai3 | bootc-aws-cuda-rhel9 | — | — |
| rhelai3 | bootc-azure-cuda-rhel9 | — | — |
| rhelai3 | bootc-azure-rocm-rhel9 | — | — |
| rhelai3 | bootc-cuda-rhel9 | — | — |
| rhelai3 | bootc-gaudi-rhel9 | — | — |
| rhelai3 | bootc-gcp-cuda-rhel9 | — | — |
| rhelai3 | bootc-rocm-rhel9 | — | — |
| rhoai | odh-llm-d-kv-cache-rhel9 | — | — |
| rhoai | odh-vllm-gaudi-rhel9 | — | — |
| vllm-project | vllm | < 0.23.1rc0 | 0.23.1rc0 |
| vllm | vllm | < 0.23.1 | 0.23.1 |
| vllm | vllm | 0 – 0.23.0 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
| NVD | 4.0 | 6.9 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| Red Hat (vendor) | — | 6.5 | MEDIUM | — |
GHSA (published 2026-06-17) · CVE-2026-54235 · MEDIUM · CWE-1287
vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels
## Summary
All temperature validation gates use plain comparison operators, which silently evaluate to `False` for `NaN` and for positive `Infinity` under Python's IEEE 754 float semantics (any ordered comparison involving `NaN` is `False`, and `+Infinity` is never less than a finite bound). Both values pass every guard and propagate to the GPU sampling kernels, where they produce undefined behavior or CUDA errors that can crash the inference worker. Note: `-Infinity` is correctly caught, because it satisfies the `< 0.0` check.
## Root Cause
`sampling_params.py:384`:
```python
if 0 < self.temperature < _MAX_TEMP: # NaN → False; +Inf → False
```
`sampling_params.py:462`:
```python
if self.temperature < 0.0: # NaN → False; +Inf → False
raise VLLMValidationError(...)
```
No `math.isnan()` or `math.isinf()` check exists anywhere in `sampling_p
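The bypass and its fix side by side, as an added example that is not vLLM's own code. It assumes a placeholder `_MAX_TEMP` value and a stand-in `ValidationError` class; the real constant and `VLLMValidationError` live in vLLM and are not reproduced here. The example also shows why such a value can reach the validator at all: Python's standard `json` module accepts the non-standard tokens `NaN`, `Infinity` and `-Infinity` by default, and `parse_constant` is the hook that rejects them at the parser boundary (this is standard-library behavior, not a statement about how vLLM's API layer parses requests).

```python
import json
import math

# Assumed placeholder; the real threshold is defined in vLLM's sampling_params.py.
_MAX_TEMP = 1e-2


class ValidationError(ValueError):
    """Stand-in for VLLMValidationError (hypothetical name, for illustration)."""


def validate_vulnerable(temperature: float) -> float:
    """Mirror of the pre-fix gates: ordered comparisons only.

    nan < 0.0 is False and 0 < nan is False, so NaN falls through every branch;
    inf < 0.0 is False and inf < _MAX_TEMP is False, so +inf does the same.
    Only -inf trips the first check. The value is returned unchanged.
    """
    if temperature < 0.0:
        raise ValidationError("temperature must be non-negative")
    if 0 < temperature < _MAX_TEMP:
        pass  # vLLM's handling of tiny temperatures is not modelled here
    return temperature


def validate_hardened(temperature: float) -> float:
    """Same gates, preceded by an explicit finiteness check.

    math.isfinite() is False for nan, inf and -inf, so all three are rejected
    before any ordered comparison runs.
    """
    if not math.isfinite(temperature):
        raise ValidationError("temperature must be a finite float")
    if temperature < 0.0:
        raise ValidationError("temperature must be non-negative")
    return temperature


def probe(validator, values: dict) -> dict:
    """Run each candidate through a validator and classify the outcome."""
    results = {}
    for label, value in values.items():
        try:
            out = validator(value)
        except ValidationError:
            results[label] = "rejected"
            continue
        results[label] = "accepted" if math.isfinite(out) else "accepted_non_finite"
    return results


def _reject_constant(token: str):
    # Called by json.loads for the tokens 'NaN', 'Infinity' and '-Infinity'.
    raise ValueError(f"non-finite JSON constant rejected: {token}")


def parse_outcome(body: str, strict: bool) -> str:
    """Parse a request body and report what the 'temperature' field became.

    strict=False is json.loads' default behavior, which accepts NaN/Infinity.
    strict=True installs parse_constant so those tokens fail to parse.
    """
    try:
        data = json.loads(body, parse_constant=_reject_constant) if strict else json.loads(body)
    except ValueError:
        return "rejected"
    value = data["temperature"]
    if math.isnan(value):
        return "nan"
    if math.isinf(value):
        return "inf" if value > 0 else "-inf"
    return "finite"


# Constructed test inputs covering the edge cases in the advisory.
CANDIDATES = {
    "normal": 0.7,
    "zero": 0.0,
    "negative": -1.0,
    "nan": float("nan"),
    "pos_inf": float("inf"),
    "neg_inf": float("-inf"),
}

if __name__ == "__main__":
    print("vulnerable:", probe(validate_vulnerable, CANDIDATES))
    print("hardened:  ", probe(validate_hardened, CANDIDATES))
    print("lenient JSON:", parse_outcome('{"temperature": NaN}', strict=False))
    print("strict JSON: ", parse_outcome('{"temperature": Infinity}', strict=True))
```

Running it shows the vulnerable gate accepting `nan` and `pos_inf` while rejecting only `neg_inf`, and the hardened gate rejecting all three. Checking finiteness once, up front, is cheaper and less error-prone than trying to make every later comparison NaN-aware, and rejecting the tokens at the JSON boundary means the value never reaches the validator in the first place.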
Red Hat (vendor advisory, 2026-06-22, CVSS 6.5) · CVE-2026-54235 · MEDIUM · CWE-1287
vllm: vLLM: Denial of Service due to improper floating-point validation
A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). The temperature validation gates, which use comparison operators, incorrectly handle Not-a-Number (NaN) and positive Infinity values in Python's IEEE 754 float semantics. The
No detection rules found.
No public exploits indexed.
Published: 2026-06-22