CVE-2025-48956

vLLM API endpoints vulnerable to Denial of Service Attacks

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making it exploitable by any remote user. This vulnerability is fixed in 0.10.1.1.

vLLM es un motor de inferencia y servicio para modelos de lenguaje grandes (LLM). Desde la versión 0.1.0 hasta versiones anteriores a la 0.10.1.1, se podía activar una vulnerabilidad de denegación de servicio (DoS) al enviar una sola solicitud HTTP GET con un encabezado extremadamente grande a un endpoint HTTP. Esto provocaba el agotamiento de la memoria del servidor, lo que podría provocar un bloqueo o la falta de respuesta. El ataque no requiere autenticación, por lo que cualquier usuario remoto puede explotarlo. Esta vulnerabilidad se corrigió en la versión 0.10.1.1.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2025-05-28 CVE Reserved
2025-08-21 CVE Published
2025-08-22 CVE Updated
2025-10-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (3)

URL	Tag	Source
https://github.com/vllm-project/vllm/commit/d8b736f913a59117803d6701521d2e4861701944	X_refsource_misc
https://github.com/vllm-project/vllm/pull/23267	X_refsource_misc
https://github.com/vllm-project/vllm/security/advisories/GHSA-rxc4-3w6r-4v47	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Vllm-project Search vendor "Vllm-project"		Vllm Search vendor "Vllm-project" for product "Vllm"				>= 0.1.0.0 < 0.10.1.1 Search vendor "Vllm-project" for product "Vllm" and version " >= 0.1.0.0 < 0.10.1.1"		en		Affected