{"data":{"id":"5e13d5f4-fae3-46f7-812b-d7aa8b6b642a","title":"CVE-2026-22807: vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.1 and prior to version 0.14.0, vLLM loads code from model repositories at model load time without checking whether it is trusted.","summary":"vLLM (a system for running and serving large language models) had a security flaw in versions 0.10.1 through 0.13.x: it automatically loaded code from model repositories without checking whether that code was trusted, so an attacker could execute arbitrary Python code on the server when a model loads. Exploitation does not require API access or sending any requests; the attacker only needs to control which model repository vLLM loads from.","solution":"Upgrade to vLLM version 0.14.0 or later, which fixes this issue. Until then, load models only from repositories you trust.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-22807","publishedAt":"2026-01-22T03:15:49.077Z","cveId":"CVE-2026-22807","cweIds":["CWE-94"],"cvssScore":"8.8","cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["vLLM","Hugging Face"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00056,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-242"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"inference","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}