CVE-2025-71379 | vLLM up to 0.8.x OpenAI-compatible Serving Chat Endpoint vllm/lora/utils.py redos (GHSA-j828-28rj-hfhp)

Inserito da Angelo Barbosa | Giu 20, 2026 | CVE

A vulnerability labeled as problematic has been found in vLLM up to 0.8.x. Impacted is an unknown function of the file vllm/lora/utils.py of the component OpenAI-compatible Serving Chat Endpoint. The manipulation results in inefficient regular expression complexity.

This vulnerability is cataloged as CVE-2025-71379. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2025-71379 | vLLM up to 0.8.x OpenAI-compatible Serving Chat Endpoint vllm/lora/utils.py redos (GHSA-j828-28rj-hfhp)

Post correlati

CVE-2025-7730 | Bold Page Builder Plugin up to 5.4.5 on WordPress percentage cross site scripting

CVE-2024-37675 | Tessi Docubase Document Management 5.x Note sectionContent cross site scripting

CVE-2024-7185 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx buffer overflow

CVE-2023-44402 | Electron up to 23.3.13 data authenticity (GHSA-7m48-wc93-9g85)