SSRF in Vllm-project Vllm
CVE-2026-34753
vLLM is an inference and serving engine for large language models (LLMs). From 0.16.0 to before 0.19.0, a server-side request forgery (SSRF) vulnerability in download_bytes_from_url allows any actor who can control batch input JSON to make…
Vulnerability class: SSRF (Server-Side Request Forgery)
EPSS: 0.000 (14.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L.
Affected products
- Vllm-project Vllm — versions >= 0.16.0, < 0.19.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- https://github.com/vllm-project/vllm/security/advisories/GHSA-pf3h-qjgv-vcpr (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2026-34753?
- CVE-2026-34753 is a medium-severity vulnerability in Vllm-project Vllm, classified under Server-Side Request Forgery (SSRF). CVSS score: 5.4/10. Published 2026-04-06.
- How severe is CVE-2026-34753?
- Medium severity. CVSS v3 base score is 5.4 out of 10.
- Is CVE-2026-34753 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.