CVE-2026-48746 | vLLM up to 0.21.x OpenAI API request smuggling (GHSA-94f4-hr76-p5j6)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability was found in vLLM up to 0.21.x. It has been rated as critical. This issue affects some unknown processing of the component OpenAI API. The manipulation leads to http request smuggling.

This vulnerability is uniquely identified as CVE-2026-48746. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-48746 | vLLM up to 0.21.x OpenAI API request smuggling (GHSA-94f4-hr76-p5j6)

Post correlati

CVE-2024-38748 | TheInnovs EleForms Plugin up to 2.9.9.9 on WordPress authorization

CVE-2021-47922 | Soliloquywp Slider 2.6.2 Title cross site scripting (Exploit 50563 / EDB-50563)

CVE-2025-62672 | boyns rplay up to 3.3.2 librplay/rplay.c RPLAY_DATA allocation of resources (EUVD-2025-35001)

CVE-2024-3512 | gn_themes WP Shortcodes Plugin up to 7.0.4 on WordPress Shortcode note_color cross site scripting