Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-48956

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making it exploitable by any remote user. This vulnerability is fixed in 0.10.1.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-48956
  • Vllm » Vllm » Version: 0.1.0
    cpe:2.3:a:vllm:vllm:0.1.0
  • Vllm » Vllm » Version: 0.1.1
    cpe:2.3:a:vllm:vllm:0.1.1
  • Vllm » Vllm » Version: 0.1.2
    cpe:2.3:a:vllm:vllm:0.1.2
  • Vllm » Vllm » Version: 0.1.3
    cpe:2.3:a:vllm:vllm:0.1.3
  • Vllm » Vllm » Version: 0.1.4
    cpe:2.3:a:vllm:vllm:0.1.4
  • Vllm » Vllm » Version: 0.1.5
    cpe:2.3:a:vllm:vllm:0.1.5
  • Vllm » Vllm » Version: 0.1.6
    cpe:2.3:a:vllm:vllm:0.1.6
  • Vllm » Vllm » Version: 0.1.7
    cpe:2.3:a:vllm:vllm:0.1.7
  • Vllm » Vllm » Version: 0.10.0
    cpe:2.3:a:vllm:vllm:0.10.0
  • Vllm » Vllm » Version: 0.10.1
    cpe:2.3:a:vllm:vllm:0.10.1
  • Vllm » Vllm » Version: 0.2.0
    cpe:2.3:a:vllm:vllm:0.2.0
  • Vllm » Vllm » Version: 0.2.1
    cpe:2.3:a:vllm:vllm:0.2.1
  • Vllm » Vllm » Version: 0.2.2
    cpe:2.3:a:vllm:vllm:0.2.2
  • Vllm » Vllm » Version: 0.2.3
    cpe:2.3:a:vllm:vllm:0.2.3
  • Vllm » Vllm » Version: 0.2.4
    cpe:2.3:a:vllm:vllm:0.2.4
  • Vllm » Vllm » Version: 0.2.5
    cpe:2.3:a:vllm:vllm:0.2.5
  • Vllm » Vllm » Version: 0.2.6
    cpe:2.3:a:vllm:vllm:0.2.6
  • Vllm » Vllm » Version: 0.2.7
    cpe:2.3:a:vllm:vllm:0.2.7
  • Vllm » Vllm » Version: 0.3.0
    cpe:2.3:a:vllm:vllm:0.3.0
  • Vllm » Vllm » Version: 0.3.1
    cpe:2.3:a:vllm:vllm:0.3.1
  • Vllm » Vllm » Version: 0.3.2
    cpe:2.3:a:vllm:vllm:0.3.2
  • Vllm » Vllm » Version: 0.3.3
    cpe:2.3:a:vllm:vllm:0.3.3
  • Vllm » Vllm » Version: 0.4.0
    cpe:2.3:a:vllm:vllm:0.4.0
  • Vllm » Vllm » Version: 0.4.1
    cpe:2.3:a:vllm:vllm:0.4.1
  • Vllm » Vllm » Version: 0.4.2
    cpe:2.3:a:vllm:vllm:0.4.2
  • Vllm » Vllm » Version: 0.4.3
    cpe:2.3:a:vllm:vllm:0.4.3
  • Vllm » Vllm » Version: 0.5.0
    cpe:2.3:a:vllm:vllm:0.5.0
  • Vllm » Vllm » Version: 0.5.1
    cpe:2.3:a:vllm:vllm:0.5.1
  • Vllm » Vllm » Version: 0.5.2
    cpe:2.3:a:vllm:vllm:0.5.2
  • Vllm » Vllm » Version: 0.5.3
    cpe:2.3:a:vllm:vllm:0.5.3
  • Vllm » Vllm » Version: 0.5.4
    cpe:2.3:a:vllm:vllm:0.5.4
  • Vllm » Vllm » Version: 0.5.5
    cpe:2.3:a:vllm:vllm:0.5.5
  • Vllm » Vllm » Version: 0.6.0
    cpe:2.3:a:vllm:vllm:0.6.0
  • Vllm » Vllm » Version: 0.6.1
    cpe:2.3:a:vllm:vllm:0.6.1
  • Vllm » Vllm » Version: 0.6.2
    cpe:2.3:a:vllm:vllm:0.6.2
  • Vllm » Vllm » Version: 0.6.3
    cpe:2.3:a:vllm:vllm:0.6.3
  • Vllm » Vllm » Version: 0.6.4
    cpe:2.3:a:vllm:vllm:0.6.4
  • Vllm » Vllm » Version: 0.6.5
    cpe:2.3:a:vllm:vllm:0.6.5
  • Vllm » Vllm » Version: 0.6.6
    cpe:2.3:a:vllm:vllm:0.6.6
  • Vllm » Vllm » Version: 0.7.0
    cpe:2.3:a:vllm:vllm:0.7.0
  • Vllm » Vllm » Version: 0.7.1
    cpe:2.3:a:vllm:vllm:0.7.1
  • Vllm » Vllm » Version: 0.7.2
    cpe:2.3:a:vllm:vllm:0.7.2
  • Vllm » Vllm » Version: 0.7.3
    cpe:2.3:a:vllm:vllm:0.7.3
  • Vllm » Vllm » Version: 0.8.0
    cpe:2.3:a:vllm:vllm:0.8.0
  • Vllm » Vllm » Version: 0.8.1
    cpe:2.3:a:vllm:vllm:0.8.1
  • Vllm » Vllm » Version: 0.8.2
    cpe:2.3:a:vllm:vllm:0.8.2
  • Vllm » Vllm » Version: 0.8.3
    cpe:2.3:a:vllm:vllm:0.8.3
  • Vllm » Vllm » Version: 0.8.4
    cpe:2.3:a:vllm:vllm:0.8.4
  • Vllm » Vllm » Version: 0.8.5
    cpe:2.3:a:vllm:vllm:0.8.5
  • Vllm » Vllm » Version: 0.9.0
    cpe:2.3:a:vllm:vllm:0.9.0
  • Vllm » Vllm » Version: 0.9.0.1
    cpe:2.3:a:vllm:vllm:0.9.0.1
  • Vllm » Vllm » Version: 0.9.1
    cpe:2.3:a:vllm:vllm:0.9.1
  • Vllm » Vllm » Version: 0.9.2
    cpe:2.3:a:vllm:vllm:0.9.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved