CVE-2026-41523
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk37th percentile - higher than 37% of all known CVEs
Summary
In vLLM prior to 0.22.0, an assert-based security check in the activation function loading allows any unauthenticated attacker to achieve arbitrary code execution by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1).
Risk Assessment
An attacker can gain full control of the vLLM server, leading to data theft, model tampering, or service disruption.
Recommendation
Immediately upgrade vLLM to version 0.22.0 or later. Avoid running vLLM in Python optimized mode (python -O) until the update is applied.
Original NVD description (English source)
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1). This vulnerability is fixed in 0.22.0.

