CVE-2025-71379 | vLLM up to 0.8.x OpenAI-compatible Serving Chat Endpoint vllm/lora/utils.py redos (GHSA-j828-28rj-hfhp)

Inserito da Angelo Barbosa | Giu 20, 2026 | CVE

A vulnerability labeled as problematic has been found in vLLM up to 0.8.x. Impacted is an unknown function of the file vllm/lora/utils.py of the component OpenAI-compatible Serving Chat Endpoint. The manipulation results in inefficient regular expression complexity.

This vulnerability is cataloged as CVE-2025-71379. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2025-71379 | vLLM up to 0.8.x OpenAI-compatible Serving Chat Endpoint vllm/lora/utils.py redos (GHSA-j828-28rj-hfhp)

Post correlati

CVE-2026-1732 | GitLab Community Edition/Enterprise Edition up to 18.7.5/18.8.5/18.9.1 improper removal of sensitive information before storage or transfer

CVE-2023-48276 | WP Forms Puzzle Captcha Plugin up to 4.1 on WordPress CAPTCHA Page access control

CVE-2023-5607 | Trellix Application and Change Control up to 8.3.x GTI Reputation File path traversal

CVE-2024-4961 | D-Link DAR-7000-40 V31R02B1413C /user/onlineuser.php file_upload unrestricted upload (SAP10354)