Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-55514

vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is authorized to make a /v1/completions request can make such a request and induce a crash. This issue is fixed in version 0.24.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 24.9%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-55514
  • Vllm » Vllm » Version: 0.12.0
    cpe:2.3:a:vllm:vllm:0.12.0
  • Vllm » Vllm » Version: 0.13.0
    cpe:2.3:a:vllm:vllm:0.13.0
  • Vllm » Vllm » Version: 0.14.0
    cpe:2.3:a:vllm:vllm:0.14.0
  • Vllm » Vllm » Version: 0.14.1
    cpe:2.3:a:vllm:vllm:0.14.1
  • Vllm » Vllm » Version: 0.15.0
    cpe:2.3:a:vllm:vllm:0.15.0
  • Vllm » Vllm » Version: 0.15.1
    cpe:2.3:a:vllm:vllm:0.15.1
  • Vllm » Vllm » Version: 0.15.2
    cpe:2.3:a:vllm:vllm:0.15.2
  • Vllm » Vllm » Version: 0.16.0
    cpe:2.3:a:vllm:vllm:0.16.0
  • Vllm » Vllm » Version: 0.16.1
    cpe:2.3:a:vllm:vllm:0.16.1
  • Vllm » Vllm » Version: 0.17.0
    cpe:2.3:a:vllm:vllm:0.17.0
  • Vllm » Vllm » Version: 0.17.1
    cpe:2.3:a:vllm:vllm:0.17.1
  • Vllm » Vllm » Version: 0.17.2
    cpe:2.3:a:vllm:vllm:0.17.2
  • Vllm » Vllm » Version: 0.18.0
    cpe:2.3:a:vllm:vllm:0.18.0
  • Vllm » Vllm » Version: 0.18.1
    cpe:2.3:a:vllm:vllm:0.18.1
  • Vllm » Vllm » Version: 0.18.2
    cpe:2.3:a:vllm:vllm:0.18.2
  • Vllm » Vllm » Version: 0.19.0
    cpe:2.3:a:vllm:vllm:0.19.0
  • Vllm » Vllm » Version: 0.19.1
    cpe:2.3:a:vllm:vllm:0.19.1
  • Vllm » Vllm » Version: 0.19.2
    cpe:2.3:a:vllm:vllm:0.19.2
  • Vllm » Vllm » Version: 0.20.0
    cpe:2.3:a:vllm:vllm:0.20.0
  • Vllm » Vllm » Version: 0.20.1
    cpe:2.3:a:vllm:vllm:0.20.1
  • Vllm » Vllm » Version: 0.20.2
    cpe:2.3:a:vllm:vllm:0.20.2
  • Vllm » Vllm » Version: 0.21.0
    cpe:2.3:a:vllm:vllm:0.21.0
  • Vllm » Vllm » Version: 0.21.1
    cpe:2.3:a:vllm:vllm:0.21.1
  • Vllm » Vllm » Version: 0.22.0
    cpe:2.3:a:vllm:vllm:0.22.0
  • Vllm » Vllm » Version: 0.22.1
    cpe:2.3:a:vllm:vllm:0.22.1
  • Vllm » Vllm » Version: 0.23.0
    cpe:2.3:a:vllm:vllm:0.23.0
  • Vllm » Vllm » Version: 0.23.1
    cpe:2.3:a:vllm:vllm:0.23.1


Contact Us

Shodan ® - All rights reserved