CVE-2025-11915

HTTP Proxy - Info Disclosure

Title source: llm

Description

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action.

References (1)

[Various Sources] https://cloud.google.com/vertex-ai/generative-ai/docs/security-bulletins#gcp-2025-059

Scores

EPSS 0.0008

EPSS Percentile 23.8%

Classification

CWE

CWE-444

Status draft

Timeline

Published Oct 22, 2025

Tracked Since Feb 18, 2026