Dependency Confusion Vulnerability in vLLM by vLLM Project
CVE-2026-54232

8.8 HIGH

Key Information:

Status:
Vendor: vLLM Project
CVE Published: 22 June 2026

What is CVE-2026-54232?

The vLLM inference and serving engine for large language models is affected by a dependency confusion vulnerability: its build installs the 'flashinfer-jit-cache' package from a non-PyPI source. This misconfiguration exposes vLLM deployments to significant risk, because an attacker who publishes a malicious version of the package on PyPI can thereby execute arbitrary code with root privileges during Docker image builds. This compromises the integrity of the resulting container images and risks the exfiltration of sensitive data, including user prompts and API credentials. The vulnerability is fixed in vLLM version 0.22.1.
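The advisory does not state how vLLM's build fetched the package, so the following added example (not vLLM project code) assumes the usual weak pattern behind dependency confusion: an alternate index added with `--extra-index-url`, which pip merges with PyPI and resolves by highest version across both, combined with unpinned package names. The scanner folds Dockerfile line continuations, extracts every `pip install` argv from RUN instructions, and flags both conditions; the two Dockerfiles and the index URL are constructed samples, shown in their weak and hardened forms.

```python
"""Scan Dockerfile pip invocations for dependency-confusion exposure.

Added illustration for this advisory, not vLLM project code. It assumes the
weak pattern `--extra-index-url` plus unpinned names; the page does not say
which pattern vLLM's own Dockerfile used.
"""
import re
import shlex
from dataclasses import dataclass

@dataclass
class Finding:
    line: int     # 1-based Dockerfile line of the RUN instruction
    rule: str     # "extra-index-url" or "unpinned"
    detail: str   # the offending URL or requirement specifier

# Requirement pinned to an exact version, e.g. "pkg==1.2.3" or "pkg[x]==1.2.3".
PIN_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*(\[[^\]]*\])?==")

# pip options whose value is the next argv token (unless written as --opt=value).
VALUE_OPTIONS = {
    "-i", "--index-url", "--extra-index-url", "-f", "--find-links",
    "-r", "--requirement", "-c", "--constraint", "-e", "--editable",
    "--trusted-host",
}

# Constructed sample Dockerfiles; the index URL is hypothetical.
WEAK_DOCKERFILE = """\
FROM python:3.12
RUN pip install --extra-index-url https://private-index.example/simple \\
    flashinfer-jit-cache
RUN pip install vllm
"""

HARDENED_DOCKERFILE = """\
FROM python:3.12
RUN pip install --index-url https://private-index.example/simple \\
    flashinfer-jit-cache==1.0.0
RUN pip install vllm==0.22.1
"""

def iter_run_commands(dockerfile: str):
    """Yield (line_number, shell_command) per RUN instruction, folding
    backslash line continuations into one logical line."""
    lines = dockerfile.splitlines()
    i = 0
    while i < len(lines):
        start, buf = i + 1, lines[i]
        while buf.rstrip().endswith("\\") and i + 1 < len(lines):
            i += 1
            buf = buf.rstrip()[:-1] + " " + lines[i]
        i += 1
        text = buf.strip()
        if text.upper().startswith("RUN "):
            yield start, text[4:]

def pip_install_argvs(command: str):
    """Return the argument list of every `pip install` in a shell command."""
    argvs = []
    for segment in re.split(r"&&|\|\||;", command):
        tokens = shlex.split(segment)
        for idx in range(1, len(tokens)):
            prog = tokens[idx - 1].rsplit("/", 1)[-1]   # handles /usr/bin/pip, python -m pip
            if tokens[idx] == "install" and prog in ("pip", "pip3"):
                argvs.append(tokens[idx + 1:])
                break
    return argvs

def scan_pip_argv(args):
    """Apply the two rules to one pip install argv; returns (rule, detail) pairs."""
    found, i = [], 0
    while i < len(args):
        opt, has_eq, val = args[i].partition("=")
        if opt in VALUE_OPTIONS and not has_eq:
            val = args[i + 1] if i + 1 < len(args) else ""
            i += 2
        elif opt.startswith("-"):
            i += 1
        else:
            # Positional token: a requirement specifier. Unpinned names let the
            # resolver take the highest version from any configured index.
            if not PIN_RE.match(args[i]):
                found.append(("unpinned", args[i]))
            i += 1
            continue
        if opt == "--extra-index-url":
            found.append(("extra-index-url", val))
    return found

def scan_dockerfile(dockerfile: str):
    """Collect all findings for a Dockerfile."""
    findings = []
    for line_no, command in iter_run_commands(dockerfile):
        for argv in pip_install_argvs(command):
            for rule, detail in scan_pip_argv(argv):
                findings.append(Finding(line_no, rule, detail))
    return findings

if __name__ == "__main__":
    for name, text in (("weak", WEAK_DOCKERFILE), ("hardened", HARDENED_DOCKERFILE)):
        print(f"{name}: {scan_dockerfile(text) or 'no findings'}")
```

The hardened form uses `--index-url`, which replaces the default index for that invocation, so the name is resolved only against the private index and a same-named package on PyPI is never consulted; exact `==` pins close the version-race. For an integrity check on what the index actually serves, a requirements file installed with `--require-hashes` goes one step further than this scanner's two rules.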

Affected Version(s)

vllm < 0.22.1

References

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
