Arbitrary Code Execution Vulnerability in vLLM Inference Engine by vLLM Project
CVE-2026-41523

7.5 HIGH

Key Information:

CVE Published: 22 June 2026

What is CVE-2026-41523?

The vLLM inference and serving engine for large language models contains a vulnerability that allows unauthenticated attackers to execute arbitrary code on the server. The activation function's loading mechanism relies on an assertion-based security check, and Python strips assert statements when it runs in optimized mode (using 'python -O' or setting 'PYTHONOPTIMIZE=1'), so in that mode the check is silently removed. By leveraging this flaw, attackers can publish a malicious HuggingFace model that, once loaded by a vLLM deployment running in optimized mode, gives them unauthorized access and control over the server environment. This issue has been addressed in version 0.22.0, so users should update their installations promptly.
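As an added illustration (hypothetical code, not vLLM's, and no vLLM API is reproduced), the loader below shows the defect class behind this advisory: a guard written as `assert` is compiled away at the optimize level used by `python -O` / `PYTHONOPTIMIZE=1`, while an explicit check survives. The activation allowlist, the untrusted model config and the two guard snippets are constructed for the demonstration.

```python
import textwrap

# Constructed allowlist of activation names a model config may request
# (hypothetical; vLLM's real activation registry is not reproduced here).
ALLOWED_ACTIVATIONS = ("silu", "gelu", "relu")

# Constructed config of the kind a published model carries: the activation
# name is attacker-controlled data and must be validated, not trusted.
UNTRUSTED_CONFIG = {"hidden_act": "not_an_activation"}

# The two guard styles under comparison, as source text so each can be
# compiled at a chosen optimize level.
ASSERT_GUARD = "assert name in ALLOWED, 'unknown activation'"
EXPLICIT_GUARD = textwrap.dedent("""\
    if name not in ALLOWED:
        raise ValueError('unknown activation')""")


def loader_rejects(guard_src: str, optimized: bool) -> bool:
    """Build a tiny activation loader whose only check is `guard_src`,
    compile it at optimize level 1 (what -O / PYTHONOPTIMIZE=1 apply:
    asserts removed, __debug__ False) or level 0 (normal), and run it on
    the untrusted config. True if the bad name was rejected, else False."""
    source = "\n".join([
        f"ALLOWED = {ALLOWED_ACTIVATIONS!r}",
        f"name = {UNTRUSTED_CONFIG['hidden_act']!r}",
        guard_src,
        "resolved = name  # stand-in for resolving the activation object",
    ])
    code = compile(source, "<activation_loader>", "exec",
                   optimize=1 if optimized else 0)
    namespace = {}
    try:
        exec(code, namespace)
    except (AssertionError, ValueError):
        return True
    # No exception: the loader went on to resolve the untrusted name.
    return "resolved" not in namespace


if __name__ == "__main__":
    for label, guard in (("assert", ASSERT_GUARD), ("explicit", EXPLICIT_GUARD)):
        for optimized in (False, True):
            verdict = "rejected" if loader_rejects(guard, optimized) else "ACCEPTED"
            print(f"{label:8} guard, optimized={optimized!s:5}: {verdict}")
```

The same stripping applies to any `if __debug__:` block, so an audit for this pattern should cover both forms.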

Affected Version(s)

vllm < 0.22.0


CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
