HIGHCVE-2026-41523Published 2026-06-22Modified 2026-06-22CNA GitHub_M

CVE-2026-41523: vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1). This vulnerability is fixed in 0.22.0.

CVSS v3.1: 7.5
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

vllm-project / vllm
< 0.22.0

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

References

https://github.com/vllm-project/vllm/security/advisories/GHSA-q8gq-377p-jq3r
https://github.com/vllm-project/vllm/commit/b3c7ffcab82c2439726f8cb213800f6f38c023d3
https://huntr.com/bounties/dcb05b04-e625-41e7-adbc-bbae0cc2d64c

Metrics

Get notified