AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-25183: vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Maliciously constructed statements

lowvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseFebruary 7, 2025CVE-2025-25183

Summary

vLLM, a system for running large language models efficiently, has a vulnerability where attackers can craft malicious input to cause hash collisions (when two different inputs produce the same fingerprint value), allowing them to reuse cached data (stored computation results) from previous requests and corrupt subsequent responses. Python 3.12 made hash values predictable, making this attack easier to execute intentionally.

Solution / Mitigation

This issue has been addressed in version 0.7.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Vulnerability Details

CVSS Score

2.6(low)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack Type

RAG Poisoning

Attack SophisticationModerate

Impact (CIA+S)

integrity

AI Component TargetedInference

Taxonomy References

CWE (Weakness Type)

CWE-354

Affected Vendors

Related Issues

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

Similar attackEmbrace The Red

high

CVE-2024-3095: A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langch

First tracked: February 15, 2026 at 08:44 PM

Classified by LLM (prompt v3) · confidence: 92%