{"data":{"id":"a45197ed-95a7-4ae0-9435-1112b6e4ba95","title":"GHSA-hpv8-x276-m59f: vLLM Vulnerable to Remote DoS via Special-Token Placeholders","summary":"vLLM (a system for running large language models) has a vulnerability where specially crafted text prompts containing multimodal placeholder tokens (sequences that represent images or videos) without actual image or video data cause the system to crash with an IndexError (a programming error when accessing data that doesn't exist). An unauthenticated attacker can send a single malicious request to a vLLM server to trigger a denial of service attack (making the service unavailable), affecting any deployment that runs vision-capable language models.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-hpv8-x276-m59f","publishedAt":"2026-05-05T22:21:41.000Z","cveId":"CVE-2026-44222","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":["vllm@>= 0.6.1, < 0.20.0 (fixed: 0.20.0)"],"affectedVendors":[],"affectedVendorsRaw":["vLLM","Qwen2.5-VL"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-05-05T22:21:41.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}