Supply Chain Integrity Issue in vLLM by vLLM Project
CVE-2026-47155

6.5 MEDIUM

Key Information:

Status
Vendor
CVE Published:
22 June 2026

What is CVE-2026-47155?

vLLM, an inference and serving engine for large language models, does not apply revision pinning consistently, which weakens the integrity of its model supply chain. Prior to version 0.22.0, a configuration that pins a specific revision can still load artifacts from an unpinned or default revision, including dynamically loaded model code and GGUF files, among other artifacts. An operator who reviewed one revision can therefore unknowingly serve a model whose behaviour-affecting components come from a different, unreviewed revision. The issue is fixed in version 0.22.0. The advisory does not enumerate which configuration paths are affected, so operators who cannot upgrade immediately should verify which revision each loaded artifact actually came from rather than relying on the pin alone.
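To make the failure mode concrete, the following is an added example written for this page; it is not code from vLLM or the vLLM Project. It simulates a hub repository as a constructed dict of revision to files, contrasts a loader that applies the operator's pin to only one artifact with one that propagates the same pin to every artifact and fails closed, and ends with the post-load check an operator can run. The repository contents, file names and helper names (load_weak, load_strict, verify_pinned) are hypothetical.

```python
"""Revision-pin consistency check, modelled on the bug class above.

Added illustration, not vLLM's code.  A Hugging Face style repository is
simulated as a constructed dict of revision -> files.  load_weak() applies
the operator's pin only to the primary config, load_strict() propagates
the same pin to every artifact and fails closed, and verify_pinned() is
the post-load check an operator can run against either result.
"""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass

# Constructed sample repository.  PINNED is the commit the operator
# reviewed; "main" is the moving default branch that can change after
# the review (hijacked upstream, compromised maintainer account, ...).
PINNED = "a1b2c3d4e5f60718293a4b5c6d7e8f9012345678"
REPO = {
    PINNED: {
        "config.json": b'{"architectures": ["LlamaForCausalLM"]}',
        "modeling_custom.py": b"def forward(x):\n    return x\n",
        "model-Q4.gguf": b"GGUF\x03\x00\x00\x00",
    },
    "main": {
        "config.json": b'{"architectures": ["LlamaForCausalLM"]}',
        # Behaviour-affecting change that never went through review.
        "modeling_custom.py": b"def forward(x):\n    return x * 0\n",
        "model-Q4.gguf": b"GGUF\x03\x00\x00\x00EXTRA",
    },
}

COMMIT_SHA = re.compile(r"^[0-9a-f]{40}$")
ARTIFACTS = ("config.json", "modeling_custom.py", "model-Q4.gguf")


@dataclass(frozen=True)
class Artifact:
    name: str
    revision: str   # revision the bytes were actually fetched from
    sha256: str


def fetch(repo: dict, name: str, revision: str = "main") -> Artifact:
    """Simulated hub download; the default revision is the branch head."""
    data = repo[revision][name]   # KeyError if absent at that revision
    return Artifact(name, revision, hashlib.sha256(data).hexdigest())


def pin_is_commit(revision: str) -> bool:
    """Branches and tags move; only a full commit SHA is a real pin."""
    return bool(COMMIT_SHA.match(revision))


def load_weak(repo: dict, revision: str) -> list[Artifact]:
    """Pin applied inconsistently: only config.json honours it."""
    return [
        fetch(repo, "config.json", revision),
        fetch(repo, "modeling_custom.py"),   # dynamic code from default branch
        fetch(repo, "model-Q4.gguf"),        # GGUF from default branch
    ]


def load_strict(repo: dict, revision: str) -> list[Artifact]:
    """Same pin for every artifact; a file missing at that pin is an error,
    never a silent fallback to the default revision."""
    if not pin_is_commit(revision):
        raise ValueError(f"pin must be a full commit SHA, got {revision!r}")
    try:
        return [fetch(repo, n, revision) for n in ARTIFACTS]
    except KeyError:
        raise RuntimeError(f"artifact missing at pinned revision {revision}") from None


def verify_pinned(artifacts: list[Artifact], expected: str) -> list[str]:
    """Names of artifacts whose bytes did not come from the expected pin."""
    return [a.name for a in artifacts if a.revision != expected]


if __name__ == "__main__":
    for loader in (load_weak, load_strict):
        drift = verify_pinned(loader(REPO, PINNED), PINNED)
        print(f"{loader.__name__}: unpinned artifacts = {drift or 'none'}")
```

The check that matters is the one in verify_pinned: record the revision each artifact was actually resolved from, not just the one passed on the command line, and treat any mismatch as a failed deployment. With a real Hugging Face cache the equivalent check is to confirm that every loaded file sits under a `snapshots/<commit hash>` directory matching the reviewed commit, since the hub cache names snapshot directories by commit hash.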

Affected Version(s)

vllm < 0.22.0

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
