-
-
Notifications
You must be signed in to change notification settings - Fork 10.6k
Security: vllm-project/vllm
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
vLLM using built-in hash() from Python 3.12 leads to predictable hash collisions in vLLM prefix cacheGHSA-rm76-4mrf-v9r8 published
Feb 6, 2025 by russellbLow -
Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix CachingGHSA-4qjh-9fv9-r85r published
May 28, 2025 by russellbLow -
Malicious model to RCE by torch.load in hf_model_weights_iteratorGHSA-rh4j-5rhw-hr54 published
Jan 27, 2025 by russellbHigh