← Back

CVE-2026-34753

nvd nist
Published: Apr 6, 2026Modified: Apr 20, 2026

JSON object

Loading...
5.4
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Exploitability: 2.8 / Impact: 2.5
Source: security-advisories@github.com (Secondary)

Description

vLLM is an inference and serving engine for large language models (LLMs). From 0.16.0 to before 0.19.0, a server-side request forgery (SSRF) vulnerability in download_bytes_from_url allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions. This can be used to target internal services (e.g. cloud metadata endpoints or internal HTTP APIs) reachable from the vLLM host. This vulnerability is fixed in 0.19.0.

Affected (1)

Products: Vllm: Vllm
Vllm
1 product
Vllm
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Vllm
From 0.16.0 to 0.19.0

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (1)

Source: security-advisories@github.com
PatchVendor Advisory

Timeline

No history available yet.