CVE-2025-46560 | vllm up to 0.8.4 Multimodal Tokenizer redos (GHSA-vc6m-hm49-g9qg)

Inserito da Angelo Barbosa | Apr 30, 2025 | CVE

A vulnerability was found in vllm up to 0.8.4. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Multimodal Tokenizer. The manipulation leads to inefficient regular expression complexity.

This vulnerability is known as CVE-2025-46560. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-46560 | vllm up to 0.8.4 Multimodal Tokenizer redos (GHSA-vc6m-hm49-g9qg)

Post correlati

CVE-2024-4899 | SEOPress Plugin up to 7.7 on WordPress Post Setting cross site scripting

CVE-2024-52505 | matrix-org matrix-appservice-irc up to 3.0.2 Provisioning API input terminators (GHSA-c3hj-hg7p-rrq5)

CVE-2025-4188 | Advanced Reorder Image Text Slider Plugin up to 1.0 on WordPress Setting cross-site request forgery

CVE-2023-37032 | Linux Foundation Magma up to 1.8.0 Mobile Management Entity stack-based overflow