CVE Catalog

CVE-2026-41523

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.46%

37th percentile - higher than 37% of all known CVEs

Summary

In vLLM prior to 0.22.0, an assert-based security check in the activation function loading allows any unauthenticated attacker to achieve arbitrary code execution by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1).

Risk Assessment

An attacker can gain full control of the vLLM server, leading to data theft, model tampering, or service disruption.

Recommendation

Immediately upgrade vLLM to version 0.22.0 or later. Avoid running vLLM in Python optimized mode (python -O) until the update is applied.

Original NVD description (English source)

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1). This vulnerability is fixed in 0.22.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS