Skip to main content

vllm EUVD-2026-31810

| CVE-2026-9540 MEDIUM
Improper Resource Shutdown or Release (CWE-404)
2026-05-26 VulDB GHSA-98f3-hwg4-4rf7
Denial Of Service Vllm
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
Jun 08, 2026 - 11:14 vuln.today
Analysis Generated
Jun 08, 2026 - 11:14 vuln.today
CVSS changed
May 26, 2026 - 14:22 NVD
5.3 (MEDIUM) 5.5 (MEDIUM)

DescriptionCVE.org

A vulnerability was identified in vllm-project vllm 0.19.0. This issue affects some unknown processing of the component OpenAI-compatible Serving Path. Such manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The pull request to fix this issue awaits acceptance.

AnalysisAI

Denial of service in vllm 0.19.0's OpenAI-compatible serving path allows remote unauthenticated attackers to exhaust scheduler resources by submitting requests with unbounded logprob counts. The root cause, confirmed by PR diff analysis, is the absence of any per-batch logprob budget in the v1 scheduler: requests specifying logprobs=-1 (full vocabulary) multiplied across parallel sequences (n) generate massive compute and memory overhead with no cap, blocking or crashing the inference server. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send HTTP request to /v1/completions with logprobs=-1 and high n
Delivery
Scheduler computes cost as n × full_vocab_size with no budget cap
Exploit
Batch accumulates unbounded logprob compute overhead
Execution
GPU/CPU memory exhausted or scheduling loop stalls
Impact
Inference server becomes unresponsive (DoS)
Sign in to reveal

Vulnerability AssessmentAI

Exploitation The OpenAI-compatible serving path must be enabled (vllm's default when launched with --served-model-name or equivalent API server mode). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 5.5 with vector AV:N/AC:L/AT:N/PR:N/UI:N reflects moderate severity but understates operational risk for publicly exposed vllm deployments. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network access to a publicly exposed vllm OpenAI-compatible endpoint submits a crafted /v1/completions or /v1/chat/completions request with logprobs=-1 (full vocabulary) and a high n value (many parallel completions). The v1 scheduler, lacking any logprob budget, computes the cost as n × vocab_size (potentially millions), allocates the corresponding memory and GPU compute, causing OOM errors or complete latency stalls that render the inference server unresponsive. …
Remediation Upstream fix available (PR/commit); released patched version not independently confirmed - PR #37594 at https://github.com/vllm-project/vllm/pull/37594 implements the fix but was awaiting acceptance at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-31810 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy