Arbitrary Code Execution Vulnerability in vLLM by vLLM Project
CVE-2026-22807

8.8HIGH

Key Information:

Vendor: Vllm-project
Status: Vllm
Vendor: CVE Published:; 21 January 2026

🔔 Create Vllm-project Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2026-22807?

The vLLM inference and serving engine for large language models has a vulnerability that allows arbitrary code execution. Versions from 0.10.1 up to, but not including, 0.14.0 are susceptible. The issue arises when vLLM loads dynamic modules from Hugging Face without proper validation of the trust_remote_code parameter, enabling an attacker to execute their own Python code during server startup simply by influencing the model repository. This exploit occurs before any API requests are processed, highlighting a significant security risk for deployments utilizing vLLM.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

vllm >= 0.10.1, < 0.14.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-22807_Range
Created by otakuliu