VYPR
advisoryPublished Jul 6, 2026· Updated Jul 9, 2026· 1 source

VLLM: Four DoS Vulnerabilities Disclosed Together on July 6, 2026

Key findings • Four Denial of Service vulnerabilities in VLLM disclosed on July 6, 2026. • Vulnerabilities affect /v1/completions, structured outputs API, and speculative decoding. • Flaw…

Key findings

  • Four Denial of Service vulnerabilities in VLLM disclosed on July 6, 2026.
  • Vulnerabilities affect /v1/completions, structured outputs API, and speculative decoding.
  • Flaws include crafted prompts, adversarial regex, malformed workloads, and oversized file uploads.
  • Two vulnerabilities rated 'important' (CVSSv3 7.5), two rated 'moderate' (CVSSv3 6.5).
  • Users are urged to update VLLM to the latest version for mitigation.

On July 6, 2026, a batch of four Denial of Service (DoS) vulnerabilities affecting the VLLM large language model inference library was disclosed. These vulnerabilities, all published on the same day, highlight potential weaknesses in how VLLM handles specific input types and processing workloads, which could be exploited to disrupt service availability.

The disclosed vulnerabilities primarily target the VLLM library's request handling and processing mechanisms. CVE-2026-55514, a moderate severity flaw, stems from a crafted prompt sent to the /v1/completions endpoint, potentially leading to a denial of service. Similarly, CVE-2026-55646, also rated moderate, involves excessive memory allocation triggered by oversized audio file uploads, posing another DoS risk.

Two important severity vulnerabilities were also detailed. CVE-2026-55574 relates to the structured outputs API, where an adversarial regular expression can be used to cause a denial of service. Furthermore, CVE-2026-54234 addresses a DoS vulnerability arising from a malformed speculative decoding workload, indicating a potential issue in VLLM's advanced inference techniques.

These vulnerabilities collectively underscore the importance of robust input validation and resource management in large language model deployments. Exploitation of these flaws could lead to service unavailability, impacting applications relying on VLLM for inference tasks. As of the disclosure, details on specific threat actors or widespread exploitation campaigns were not immediately available, suggesting these may be newly discovered issues.

The VLLM project has addressed these vulnerabilities. Users are advised to update to the latest version of VLLM to mitigate these risks. Specific version information for the fix can be found in the official VLLM release notes and security advisories. Maintaining up-to-date software is crucial for protecting against known vulnerabilities and ensuring the stability and availability of AI-powered services.

This coordinated disclosure of four DoS vulnerabilities serves as a reminder for VLLM users to prioritize security updates. The nature of these bugs, ranging from prompt injection to resource exhaustion, emphasizes the need for continuous vigilance in securing AI infrastructure against availability attacks. Users should monitor VLLM's official channels for any further security announcements and ensure their deployments are patched promptly.

Synthesized by Vypr AI