CVE-2025-62426

MEDIUM

vLLM 0.5.5-0.11.1 - Denial of Service via Unvalidated chat_template_kwargs Parameter

Title source: llm

Description

vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, the /v1/chat/completions and /tokenize endpoints allow a chat_template_kwargs request parameter that is used in the code before it is properly validated against the chat template. With the right chat_template_kwargs parameters, it is possible to block processing of the API server for long periods of time, delaying all other requests. This issue has been patched in version 0.11.1.

References (5)

Core 5

Core References

Vendor Advisory x_refsource_confirm

https://github.com/vllm-project/vllm/security/advisories/GHSA-69j4-grxj-j64p

Issue Tracking x_refsource_misc

https://github.com/vllm-project/vllm/pull/27205

Patch x_refsource_misc

https://github.com/vllm-project/vllm/commit/3ada34f9cb4d1af763fdfa3b481862a93eb6bd2b

View Patch ZIP pw:eip

Product x_refsource_misc

https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/chat_utils.py#L1602-L1610

Product x_refsource_misc

https://github.com/vllm-project/vllm/blob/2a6dc67eb520ddb9c4138d8b35ed6fe6226997fb/vllm/entrypoints/openai/serving_engine.py#L809-L814

View Writeup ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0032

EPSS Percentile 23.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-770

Status published

Products (3)

pypi/vllm 0.5.5 - 0.11.1PyPI

vllm/vllm 0.11.1 rc0 (2 CPE variants)

vllm/vllm 0.5.5 - 0.11.1

Published Nov 21, 2025

Tracked Since Feb 18, 2026