vLLM
cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*
- >= 0.10.1, < 0.14.0
A remote code execution vulnerability exists in vLLM, an inference and serving engine for large language models. This issue affects vLLM versions from 0.10.1 up to, but not including, 0.14.0. The vulnerability arises because vLLM loads dynamic modules from Hugging Face's 'auto_map' during model resolution without verifying the 'trust_remote_code' parameter. As a result, attacker-controlled Python code in a model repository or path can be executed on the vLLM host during model loading, before any requests are processed, and without requiring API access.
Exploitation of this vulnerability allows for arbitrary code execution on the vLLM host during the model loading process.
Users can upgrade to vLLM version 0.14.0 or later, where this vulnerability has been fixed.
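One way to triage exposure before upgrading, as an added example that is not vLLM's or this advisory's own code: it lists the 'auto_map' entries declared in a local model directory and checks a vLLM version string against the affected range above. The function names and the sample directory are constructed for illustration; scanning every `*.json` file in the directory is an assumption, and pre-release suffixes in the version string are ignored.

```python
import json
import re
import tempfile
from pathlib import Path

# Affected range as stated in the advisory: >= 0.10.1, < 0.14.0
AFFECTED_MIN = (0, 10, 1)
FIXED_IN = (0, 14, 0)

def parse_version(text):
    """Leading numeric release as a 3-tuple, e.g. '0.11.0rc1' -> (0, 11, 0)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected(vllm_version):
    return AFFECTED_MIN <= parse_version(vllm_version) < FIXED_IN

def auto_map_entries(model_dir):
    """Return (file, key, target) for each auto_map entry in the directory's JSON files."""
    found = []
    for cfg in sorted(Path(model_dir).glob("*.json")):  # assumption: configs sit at top level
        try:
            data = json.loads(cfg.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or non-JSON file: nothing to report
        amap = data.get("auto_map") if isinstance(data, dict) else None
        if isinstance(amap, dict):
            found.extend((cfg.name, key, target) for key, target in amap.items())
    return found

def audit(model_dir, vllm_version):
    """Flag a model directory that declares dynamic modules on an affected vLLM version."""
    affected = is_affected(vllm_version)
    entries = auto_map_entries(model_dir)
    return {"affected_version": affected, "auto_map": entries,
            "at_risk": affected and bool(entries)}

def demo():
    # Constructed sample: a model directory whose config.json declares auto_map.
    with tempfile.TemporaryDirectory() as d:
        sample = {"model_type": "custom",
                  "auto_map": {"AutoConfig": "configuration_custom.CustomConfig"}}
        Path(d, "config.json").write_text(json.dumps(sample), encoding="utf-8")
        return audit(d, "0.11.0")

if __name__ == "__main__":
    print(demo())
```

A directory flagged here deserves review of the Python files its 'auto_map' targets name before it is loaded on an affected version.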