AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-46722: vLLM is an inference and serving engine for large language models (LLMs). In versions starting from 0.7.0 to before 0.9.

mediumvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseMay 29, 2025CVE-2025-46722

Summary

vLLM (a system for running large language models) versions 0.7.0 through 0.8.x have a bug in how they create hash values (fingerprints) for images. The hashing method only looks at the raw pixel data and ignores important image properties like width and height, so two different-sized images with the same pixels would create identical hash values. This can cause the system to incorrectly reuse cached results or expose data it shouldn't.

Solution / Mitigation

This issue has been patched in version 0.9.0.

Vulnerability Details

CVSS Score

4.2(medium)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack Type

Data Extraction

Attack SophisticationModerate

Impact (CIA+S)

confidentialityintegrity

Taxonomy References

CWE (Weakness Type)

CWE-1023 CWE-1288

Affected Vendors

Related Issues

critical

CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive

Similar attackNVD/CVE Database

high

CVE-2025-54868: LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint

First tracked: February 15, 2026 at 08:44 PM

Classified by LLM (prompt v3) · confidence: 92%