CVE-2026-48746

Summary

vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing the configured VLLM_API_KEY or –api-key. This vulnerability is fixed in 0.22.0.

Affected Software

VendorProductVersion RangeStatus
vllm-projectvllm>= 0.3.0, < 0.22.0affected

Weaknesses

  • CWE-444: CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

Additional References

vllm: starlette: vLLM: Critical authentication bypass allows unauthorized API access

Additional References

References