CVE-2026-22778: vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid i
Summary
vLLM, a system for running large language models, has a vulnerability in versions 0.8.3 through 0.14.0: sending an invalid image to its multimodal endpoint causes the server's response to disclose a heap address (the location of an object in the process's memory). An address leak of this kind defeats ASLR (address space layout randomization, the mitigation that randomizes where a process's memory regions are placed) for the leaked region. On its own it does not give an attacker code execution; its value is as a building block that can be chained with a separate memory-corruption bug to reach remote code execution (the ability to run commands on the server). The advisory does not identify any such second bug.
Solution / Mitigation
This vulnerability is fixed in version 0.14.1. Update vLLM to version 0.14.1 or later.
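The following is an added example, not code from vLLM or from the advisory. It shows two checks a practitioner would want around this class of bug: an inventory check that maps an installed vLLM version onto the affected range stated above (0.8.3 up to but not including 0.14.1), and a response scanner that flags and redacts pointer-like hex values in API error bodies, which is the generic symptom of a heap-address leak. The sample responses, the `0x7f...` address and the assumption that the leak surfaces as an object repr in an error message are all constructed for illustration; the advisory does not state the exact mechanism.

```python
import re
from typing import List, Tuple

# Affected range from the advisory: 0.8.3 <= version < 0.14.1.
AFFECTED_MIN = (0, 8, 3)
FIXED_IN = (0, 14, 1)

# Hex values with 8 to 16 digits after "0x" cover the userspace pointer
# widths seen on 32- and 64-bit Linux (e.g. heap/mmap addresses such as
# 0x7f3a2b1c4d50). Shorter hex literals are usually not addresses.
POINTER_RE = re.compile(r"0x[0-9a-fA-F]{8,16}")


def parse_version(version: str) -> Tuple[int, int, int]:
    """Return the leading MAJOR.MINOR.PATCH of a version string.

    Pre-release suffixes such as '0.14.1rc1' are ignored; they compare as
    their base version, which is the conservative choice for an inventory.
    """
    match = re.match(r"^(\d+)\.(\d+)\.(\d+)", version.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in match.groups())  # type: ignore[return-value]


def is_affected(version: str) -> bool:
    """True if this vLLM version falls inside the advisory's affected range."""
    v = parse_version(version)
    return AFFECTED_MIN <= v < FIXED_IN


def find_pointers(text: str) -> List[str]:
    """Return every pointer-like hex value found in an API response body."""
    return POINTER_RE.findall(text)


def redact_pointers(text: str) -> str:
    """Replace pointer-like hex values so error text can be returned safely."""
    return POINTER_RE.sub("0x[redacted]", text)


def safe_error_message(exc: BaseException) -> str:
    """Build a client-facing error string without memory addresses.

    A common way a Python service leaks a heap address is by embedding an
    object repr like '<Foo object at 0x7f...>' in str(exc). This keeps the
    exception type and a redacted message instead. (Assumed pattern, not
    vLLM's actual fix.)
    """
    return f"{type(exc).__name__}: {redact_pointers(str(exc))}"


# Constructed sample responses; the first mimics a leaked object repr.
SAMPLE_RESPONSES = [
    '{"error": "invalid image: <PIL.Image.Image object at 0x7f3a2b1c4d50>"}',
    '{"error": "Unsupported image format"}',
]


def scan_responses(responses: List[str]) -> List[Tuple[int, List[str]]]:
    """Return (index, leaked_addresses) for every response that leaks one."""
    hits = []
    for i, body in enumerate(responses):
        found = find_pointers(body)
        if found:
            hits.append((i, found))
    return hits


if __name__ == "__main__":
    for ver in ("0.8.2", "0.8.3", "0.14.0", "0.14.1"):
        print(ver, "affected" if is_affected(ver) else "not affected")
    for idx, addrs in scan_responses(SAMPLE_RESPONSES):
        print(f"response {idx} leaks {addrs}")
        print("redacted:", redact_pointers(SAMPLE_RESPONSES[idx]))
```

The scanner is a detection aid, not a fix: the correct remediation remains upgrading to 0.14.1 or later. Running it against a staging server's error responses after a malformed multimodal request is a quick way to confirm whether a deployment still exposes addresses.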
Vulnerability Details
Severity score: 9.8 (critical)
EPSS: 0.1%
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-22778
First tracked: February 15, 2026 at 08:44 PM