PYSEC-2026-143

Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/vllm/PYSEC-2026-143.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-143
Aliases
Published
2026-01-10T07:16:03.527Z
Modified
2026-05-20T09:19:21.486475Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

vLLM is an inference and serving engine for large language models (LLMs). In versions from 0.6.4 to before 0.12.0, users can crash the vLLM engine serving multimodal models that use the Idefics3 vision model implementation by sending a specially crafted 1x1 pixel image. This causes a tensor dimension mismatch that results in an unhandled runtime error, leading to complete server termination. This issue has been patched in version 0.12.0.

References

Affected packages

Package: PyPI / vllm

Affected ranges
Type: ECOSYSTEM
Events: Introduced 0.6.4; Fixed 0.12.0

Affected versions

0.6.4
0.6.4.post1
0.6.5
0.6.6
0.6.6.post1
0.7.0
0.7.1
0.7.2
0.7.3
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.8.5
0.8.5.post1
0.9.0
0.9.0.1
0.9.1
0.9.2
0.10.0
0.10.1
0.10.1.1
0.10.2
0.11.0
0.11.1
0.11.2

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/vllm/PYSEC-2026-143.yaml"