CVE-2026-34756

MEDIUM

vLLM Affected by Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server

Title source: cna

Description

vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionRequest Pydantic models, an unauthenticated attacker can send a single HTTP request with an astronomically large n value. This completely blocks the Python asyncio event loop and causes immediate Out-Of-Memory crashes by allocating millions of request object copies in the heap before the request even reaches the scheduling queue. This vulnerability is fixed in 0.19.0.

References (3)

[X_Refsource_Misc] https://github.com/vllm-project/vllm/pull/37952

[X_Refsource_Misc] https://github.com/vllm-project/vllm/commit/b111f8a61f100fdca08706f41f29ef3548de7380

View Writeup ZIP pw:eip

[X_Refsource_Confirm] https://github.com/vllm-project/vllm/security/advisories/GHSA-3mwp-wvh9-7528

Scores

CVSS v3 6.5

EPSS 0.0004

EPSS Percentile 12.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-770

Status published

Products (3)

pypi/vllm 0.1.0 - 0.19.0PyPI

vllm/vllm 0.1.0 - 0.19.0

vllm-project/vllm >= 0.1.0, < 0.19.0

Published Apr 06, 2026

Tracked Since Apr 06, 2026