PyPi: Vllm

CVE-2025-25183

Safety vulnerability ID: 76340

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 07, 2025 Updated at Apr 06, 2025

Scan your Python projects for vulnerabilities →

Advisory

Maliciously constructed prompts can lead to hash collisions, resulting in prefix cache reuse, which can interfere with subsequent responses and cause unintended behavior.

Affected package

vllm

Latest version: 0.8.3

A high-throughput and memory-efficient inference and serving engine for LLMs

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-rm76-4mrf-v9r8
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25183

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application