CVE-2026-24779

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-24779

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24779.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-24779

Aliases

GHSA-qh4c-xf7m-gxfc

Published

2026-01-27T22:01:13.808Z

Modified

2026-03-01T02:23:22.861679Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L CVSS Calculator

Summary

vLLM vulnerable to Server-Side Request Forgery (SSRF) in `MediaConnector`

Details

vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.14.1, a Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurl_async methods obtain and process media from URLs provided by users, using different Python parsing libraries when restricting the target host. These two parsing libraries have different interpretations of backslashes, which allows the host name restriction to be bypassed. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources. This vulnerability is particularly critical in containerized environments like llm-d, where a compromised vLLM pod could be used to scan the internal network, interact with other pods, and potentially cause denial of service or access sensitive data. For example, an attacker could make the vLLM pod send malicious requests to an internal llm-d management endpoint, leading to system instability by falsely reporting metrics like the KV cache state. Version 0.14.1 contains a patch for the issue.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-918"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/24xxx/CVE-2026-24779.json"
}

References

Affected packages

Git / github.com/vllm-project/vllm

Affected ranges

Type: GIT
Repo: https://github.com/vllm-project/vllm
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d7de043d55d1dd629554467e23874097e1c48993

Affected versions

Other

submission

v0.*

v0.1.0

v0.1.1

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.10.0

v0.10.0rc1

v0.10.0rc2

v0.10.1rc1

v0.10.2rc1

v0.10.2rc2

v0.11.0rc1

v0.11.1

v0.11.1rc0

v0.11.1rc1

v0.11.1rc2

v0.11.1rc3

v0.11.1rc4

v0.11.1rc5

v0.11.1rc6

v0.13.0rc1

v0.14.0

v0.14.0rc0

v0.14.0rc1

v0.14.0rc2

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.2.4

v0.2.5

v0.2.6

v0.2.7

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.4.0

v0.4.0.post1

v0.4.1

v0.4.2

v0.4.3

v0.5.0

v0.5.0.post1

v0.5.1

v0.5.2

v0.5.3

v0.5.3.post1

v0.5.4

v0.5.5

v0.6.0

v0.6.1

v0.6.1.post1

v0.6.1.post2

v0.6.2

v0.6.3

v0.6.3.post1

v0.6.4

v0.6.4.post1

v0.6.5

v0.6.6

v0.6.6.post1

v0.7.0

v0.7.1

v0.7.2

v0.7.3

v0.8.0rc1

v0.8.0rc2

v0.8.1

v0.8.2

v0.8.3rc1

v0.8.4

v0.9.0

v0.9.1

v0.9.1rc1

v0.9.1rc2

v0.9.2rc1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-24779.json"