CVE-2026-48746 | vLLM is an inference and serving engine for large language m… | CVSS 9.1 CRITICAL

Description

vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing the configured VLLM_API_KEY or --api-key. This vulnerability is fixed in 0.22.0.

Metadata

CVE ID: CVE-2026-48746
State: PUBLISHED
Assigner: GitHub_M
Reserved: 2026-05-22 19:10 UTC
Published: 2026-06-22 21:57 UTC
Last updated: 2026-06-22 21:57 UTC
Primary CWE: CWE-444
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP…
Vendor / Product: vllm-project / vllm
Sources: cve.org · NVD

Severity & Metrics

9.1 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Affected products (1)

Vendor	Product	Platform	Versions
vllm-project	vllm	—	>= 0.3.0, < 0.22.0

Weakness (CWE)

CWE	Source	Description
CWE-444	cna	CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CVSS scores (1)

Score	Severity	Version	Source	Vector
9.1	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References (3)

https://github.com/vllm-project/vllm/security/advisories/GHSA-94f4-hr76-p5j6 https://github.com/vllm-project/vllm/security/advisories/GHSA-94f4-hr76-p5j6
https://github.com/vllm-project/vllm/pull/43426 https://github.com/vllm-project/vllm/pull/43426
https://x41-dsec.de/lab/advisories/x41-2026-002-starlette https://x41-dsec.de/lab/advisories/x41-2026-002-starlette