CVE-2025-48944
CVE-2025-48944 is a medium-severity vulnerability rated 6.5/10 on the CVSS v3.1 scale. It affects vLLM, an inference and serving engine for large language models (LLMs), in versions 0.8.0 up to but excluding 0.9.0: the /v1/chat/completions endpoint does not validate the "pattern" and "type" fields of tool definitions, so a single malformed request can take down the inference worker. EPSS estimates a 0.45% chance of exploitation in the next 30 days.
Description
vLLM is an inference and serving engine for large language models (LLMs). In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality is invoked. These inputs are not validated before being compiled or parsed, causing a crash of the inference worker with a single request. The worker will remain down until it is restarted. Version 0.9.0 fixes the issue.
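The description above boils down to a missing input check: the regex in a tool parameter's "pattern" and the value of its "type" are forwarded straight to the guided-decoding backend, which compiles or parses them, and a compile error there kills the worker rather than producing an HTTP 400. The block below is an added illustration of the kind of check that closes that gap; it is not vLLM's own code or the code from the fix. It assumes the usual OpenAI-style request layout (each entry of `tools` carries `function.parameters` as a JSON-schema object) and uses a constructed request body, not one taken from the advisory.

```python
import re
from typing import Any

# JSON Schema primitive type names; any other "type" value is rejected up front
# instead of being handed to the grammar compiler.
ALLOWED_TYPES = frozenset(
    {"string", "number", "integer", "boolean", "object", "array", "null"}
)

# Keywords whose value is a map of user-chosen name -> sub-schema. A property
# may legitimately be called "type", so these keys are not read as keywords.
SCHEMA_MAP_KEYWORDS = ("properties", "$defs", "definitions")


class ToolSchemaError(ValueError):
    """Client error (answer with HTTP 400) instead of crashing the worker."""


def _check_regex(pattern: Any, path: str) -> None:
    """Reject a non-string or uncompilable regex before any backend sees it."""
    if not isinstance(pattern, str):
        raise ToolSchemaError(f"{path}: pattern must be a string")
    try:
        re.compile(pattern)
    except re.error as exc:
        raise ToolSchemaError(f"{path}: invalid regex ({exc})") from exc


def validate_schema(schema: Any, path: str = "$") -> None:
    """Walk a JSON-schema fragment and check every "type" is a known JSON-schema
    type and every "pattern" compiles, recursing into nested schemas."""
    if isinstance(schema, list):
        for i, item in enumerate(schema):
            validate_schema(item, f"{path}[{i}]")
        return
    if not isinstance(schema, dict):
        return  # scalars (minLength, enum members, ...) carry no sub-schema

    if "type" in schema:
        declared = schema["type"]
        names = declared if isinstance(declared, list) else [declared]
        for name in names:
            if not isinstance(name, str) or name not in ALLOWED_TYPES:
                raise ToolSchemaError(f"{path}.type: unsupported type {name!r}")

    if "pattern" in schema:
        _check_regex(schema["pattern"], f"{path}.pattern")

    for key, value in schema.items():
        if key in ("type", "pattern"):
            continue
        if key in SCHEMA_MAP_KEYWORDS and isinstance(value, dict):
            for name, sub in value.items():
                validate_schema(sub, f"{path}.{key}.{name}")
        else:
            validate_schema(value, f"{path}.{key}")


def validate_tools(request: dict) -> list[str]:
    """Validate every tool parameter schema in a chat-completions request body.
    Returns one error per bad tool; an empty list means the schemas are safe to
    pass on to the guided-decoding backend."""
    errors: list[str] = []
    for i, tool in enumerate(request.get("tools") or []):
        params = (tool.get("function") or {}).get("parameters") or {}
        try:
            validate_schema(params, f"$.tools[{i}].function.parameters")
        except ToolSchemaError as exc:
            errors.append(str(exc))
    return errors


# Constructed sample request bodies (hypothetical, not from the advisory).
MALFORMED_REQUEST = {
    "model": "example-model",
    "messages": [{"role": "user", "content": "What is the weather in Oslo?"}],
    "tools": [
        {"type": "function", "function": {"name": "get_weather", "parameters": {
            "type": "object",
            # unterminated character class: re.compile raises re.error
            "properties": {"city": {"type": "string", "pattern": "(unclosed[group"}},
        }}},
        {"type": "function", "function": {"name": "get_forecast", "parameters": {
            "type": "object",
            "properties": {"city": {"type": "str"}},  # "str" is not a JSON-schema type
        }}},
    ],
}

CLEAN_REQUEST = {
    "model": "example-model",
    "messages": [{"role": "user", "content": "What is the weather in Oslo?"}],
    "tools": [{"type": "function", "function": {"name": "get_weather", "parameters": {
        "type": "object",
        "properties": {
            "city": {"type": "string", "pattern": "^[A-Za-z ]{1,64}$"},
            "days": {"type": ["integer", "null"]},
        },
        "required": ["city"],
    }}}],
}

if __name__ == "__main__":
    for err in validate_tools(MALFORMED_REQUEST):
        print("400 Bad Request:", err)
    print("clean request errors:", validate_tools(CLEAN_REQUEST))
```

One caveat: Python's `re` dialect is not the dialect of every grammar or regex backend used for guided decoding, so a pattern that compiles here can still be rejected downstream. The robust shape of the fix is to validate with the same engine that will consume the schema (or to catch that engine's exceptions at the request layer) and map any failure to a 400 response, so that a bad request never propagates into the worker process.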
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (base score 6.5, Medium): reachable over the network with low attack complexity, requires low privileges (a credential that can call the chat completions endpoint), no user interaction, unchanged scope; no confidentiality or integrity impact, high availability impact.
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Vllm | Vllm | >= 0.8.0, < 0.9.0 |
References
- https://github.com/vllm-project/vllm/pull/17623 (Issue Tracking, Vendor Advisory)
- https://github.com/vllm-project/vllm/security/advisories/GHSA-vrq3-r879-7m65 (Exploit, Vendor Advisory)
Frequently Asked Questions
What is CVE-2025-48944?
A denial-of-service flaw in vLLM 0.8.0 up to but excluding 0.9.0. When tools are passed to /v1/chat/completions, the "pattern" and "type" fields of the tool definitions are not validated before being compiled or parsed, so one malformed request crashes the inference worker, which stays down until it is restarted.
How severe is CVE-2025-48944?
Medium, CVSS 3.1 base score 6.5 (availability impact only). An attacker needs network access and low privileges on the API, and no user interaction.
How do I fix CVE-2025-48944?
Upgrade vLLM to version 0.9.0 or later, which validates these fields. Until then, restrict who can reach the chat completions endpoint and monitor or auto-restart the inference worker.
Are you affected by CVE-2025-48944?
You are affected if you run vLLM 0.8.0 or later but earlier than 0.9.0 and the /v1/chat/completions endpoint accepts tool definitions from clients you do not fully trust.
Source: NVD / NIST
