Server-Side Request Forgery Vulnerability in vLLM by vLLM Project
CVE-2026-34753

5.4MEDIUM

Key Information:

Vendor: Vllm-project
Status: Vllm
Vendor: CVE Published:; 6 April 2026

🔔 Create Vllm-project Vulnerability Alert

What is CVE-2026-34753?

The vLLM inference and serving engine for large language models contains a server-side request forgery (SSRF) vulnerability in the 'download_bytes_from_url' function, present in versions 0.16.0 through 0.18.0. This flaw allows an attacker with the ability to manipulate batch input JSON to issue arbitrary HTTP/HTTPS requests from the vLLM server, bypassing URL validation and domain restrictions. As a result, internal services, including cloud metadata endpoints and internal HTTP APIs, accessible from the vLLM host, are exposed to potential exploitation. The vulnerability is addressed in version 0.19.0.

Affected Version(s)

vllm >= 0.16.0, < 0.19.0

References

https://github.com/vllm-project/vllm/security/advisories/...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 6, 2026
Vulnerability Reserved
Mar 30, 2026

CVE-2026-34753 Data

JSON