2445892 – (CVE-2026-25960) CVE-2026-25960 vLLM: vLLM: Server-Side Request Forgery bypass via inconsistent URL parsing

Bug 2445892 (CVE-2026-25960) - CVE-2026-25960 vLLM: vLLM: Server-Side Request Forgery bypass via inconsistent URL parsing

Summary: CVE-2026-25960 vLLM: vLLM: Server-Side Request Forgery bypass via inconsisten...

Keywords:
Status:	NEW
Alias:	CVE-2026-25960
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-03-09 22:02 UTC by OSIDB Bzimport
Modified:	2026-03-10 08:22 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-03-09 22:02:28 UTC

vLLM is an inference and serving engine for large language models (LLMs). The SSRF protection fix for CVE-2026-24779 add in 0.15.1 can be bypassed in the load_from_url_async method due to inconsistent URL parsing behavior between the validation layer and the actual HTTP client. The SSRF fix uses urllib3.util.parse_url() to validate and extract the hostname from user-provided URLs. However, load_from_url_async uses aiohttp for making the actual HTTP requests, and aiohttp internally uses the yarl library for URL parsing. This vulnerability in 0.17.0.

Note You need to log in before you can comment on or make changes to this bug.