2455394 – (CVE-2026-34753) CVE-2026-34753 vllm: vLLM: Server-Side Request Forgery allows access to internal services via controlled batch input

Bug 2455394 (CVE-2026-34753) - CVE-2026-34753 vllm: vLLM: Server-Side Request Forgery allows access to internal services via controlled batch input

Summary: CVE-2026-34753 vllm: vLLM: Server-Side Request Forgery allows access to inter...

Keywords:
Status:	NEW
Alias:	CVE-2026-34753
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2026-04-06 16:02 UTC by OSIDB Bzimport
Modified:	2026-04-06 20:29 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-04-06 16:02:08 UTC

vLLM is an inference and serving engine for large language models (LLMs). From 0.16.0 to before 0.19.0, a server-side request forgery (SSRF) vulnerability in download_bytes_from_url allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions.
This can be used to target internal services (e.g. cloud metadata endpoints or internal HTTP APIs) reachable from the vLLM host. This vulnerability is fixed in 0.19.0.

Note You need to log in before you can comment on or make changes to this bug.