CVE-2026-0599

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-0599
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0599.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-0599
Aliases
Published
2026-02-02T11:16:17.773Z
Modified
2026-03-14T12:46:48.502140Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET request, reading the entire response body into memory and cloning it before decoding. This behavior can lead to resource exhaustion, including network bandwidth saturation, memory inflation, and CPU overutilization. The vulnerability is triggered even if the request is later rejected for exceeding token limits. The default deployment configuration, which lacks memory usage limits and authentication, exacerbates the impact, potentially crashing the host machine. The issue is resolved in version 3.3.7.

References

Affected packages

Git / github.com/huggingface/text-generation-inference

Affected ranges

Type
GIT
Repo
https://github.com/huggingface/text-generation-inference
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
24ee40d143d8d046039f12f76940a85886cbe152

Affected versions

v0.*
v0.2.0
v0.2.1
v0.3.0
v0.3.1
v0.3.2
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.5.0
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.1.0
v1.1.1
v1.2.0
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.3.4
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.3.0
v3.*
v3.3.6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-0599.json"