{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71379", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-06-20T13:11:44.728Z", "datePublished": "2026-06-20T18:27:09.485Z", "dateUpdated": "2026-06-22T18:12:51.944Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-06-20T18:27:09.485Z"}, "datePublic": "2025-05-28T00:00:00.000Z", "title": "vllm - Regular Expression Denial of Service in Multiple Components", "descriptions": [{"lang": "en", "value": "vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns \u2014 in vllm/lora/utils.py, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint \u2014 are susceptible to catastrophic backtracking. An attacker submitting crafted input with nested or repeated structures can trigger severe CPU consumption and performance degradation, resulting in denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Inefficient Regular Expression Complexity", "cweId": "CWE-1333", "type": "CWE"}]}], "affected": [{"vendor": "vllm", "product": "vllm", "defaultStatus": "unaffected", "packageURL": "pkg:pypi/vllm", "versions": [{"version": "0.6.3", "status": "affected", "versionType": "semver", "lessThan": "0.9.0"}, {"version": "0.9.0", "status": "unaffected", "versionType": "semver"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}, {"format": "CVSS", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "references": [{"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-j828-28rj-hfhp", "name": "GHSA Advisory GHSA-j828-28rj-hfhp", "tags": ["vendor-advisory"]}, {"name": "VulnCheck Advisory: vllm - Regular Expression Denial of Service in Multiple Components", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/vllm-regular-expression-denial-of-service-in-multiple-components"}], "x_generator": {"engine": "vulncheck"}, "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*", "versionStartIncluding": "0.6.3", "versionEndExcluding": "0.9.0"}]}]}], "credits": [{"lang": "en", "value": "kexinoh", "type": "reporter"}, {"lang": "en", "value": "russellb", "type": "coordinator"}, {"lang": "en", "value": "mgoin", "type": "finder"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-22T17:54:20.295719Z", "id": "CVE-2025-71379", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-22T18:12:51.944Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-71379", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-22T17:54:20.295719Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-22T17:54:23.759Z"}}], "cna": {"title": "vllm - Regular Expression Denial of Service in Multiple Components", "credits": [{"lang": "en", "type": "reporter", "value": "kexinoh"}, {"lang": "en", "type": "coordinator", "value": "russellb"}, {"lang": "en", "type": "finder", "value": "mgoin"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "vllm", "product": "vllm", "versions": [{"status": "affected", "version": "0.6.3", "lessThan": "0.9.0", "versionType": "semver"}, {"status": "unaffected", "version": "0.9.0", "versionType": "semver"}], "packageURL": "pkg:pypi/vllm", "defaultStatus": "unaffected"}], "datePublic": "2025-05-28T00:00:00.000Z", "references": [{"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-j828-28rj-hfhp", "name": "GHSA Advisory GHSA-j828-28rj-hfhp", "tags": ["vendor-advisory"]}, {"url": "https://www.vulncheck.com/advisories/vllm-regular-expression-denial-of-service-in-multiple-components", "name": "VulnCheck Advisory: vllm - Regular Expression Denial of Service in Multiple Components", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns \u2014 in vllm/lora/utils.py, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint \u2014 are susceptible to catastrophic backtracking. An attacker submitting crafted input with nested or repeated structures can trigger severe CPU consumption and performance degradation, resulting in denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1333", "description": "Inefficient Regular Expression Complexity"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "0.9.0", "versionStartIncluding": "0.6.3"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-06-20T18:27:09.485Z"}}}, "cveMetadata": {"cveId": "CVE-2025-71379", "state": "PUBLISHED", "dateUpdated": "2026-06-22T18:12:51.944Z", "dateReserved": "2026-06-20T13:11:44.728Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-06-20T18:27:09.485Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{}

{"bugzilla": {"description": "vllm: vLLM: Denial of Service via regular expression denial of service (ReDoS) vulnerabilities", "id": "2491059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491059"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-1333", "details": ["vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns \u2014 in vllm/lora/utils.py, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint \u2014 are susceptible to catastrophic backtracking. An attacker submitting crafted input with nested or repeated structures can trigger severe CPU consumption and performance degradation, resulting in denial of service.", "A flaw was found in vLLM. Multiple regular expression denial of service (ReDoS) vulnerabilities exist in versions greater than or equal to 0.6.3 and less than 0.9.0. An attacker can exploit this by submitting crafted input with nested or repeated structures to specific regex patterns within vLLM, such as those in `vllm/lora/utils.py`, the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint. This can lead to severe CPU consumption and performance degradation, resulting in a denial of service (DoS) for the affected system."], "mitigation": {"lang": "en:us", "value": "No mitigation required for unaffected versions."}, "name": "CVE-2025-71379", "package_state": [{"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaiis/vllm-cpu-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaiis/vllm-cuda-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaiis/vllm-neuron-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaiis/vllm-rocm-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaiis/vllm-spyre-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaiis/vllm-tpu-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-cpu-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-cuda-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-gaudi-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-neuron-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-rocm-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-spyre-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Not affected", "package_name": "rhaii/vllm-tpu-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-aws-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-azure-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-azure-rocm-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-gaudi-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-gcp-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Not affected", "package_name": "rhelai3/bootc-rocm-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-kserve-agent-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-kserve-controller-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-kserve-router-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-kserve-storage-initializer-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-llm-d-kv-cache-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-vllm-gaudi-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2026-06-20T18:27:09Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-71379\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-71379\nhttps://github.com/vllm-project/vllm/security/advisories/GHSA-j828-28rj-hfhp\nhttps://www.vulncheck.com/advisories/vllm-regular-expression-denial-of-service-in-multiple-components"], "statement": "Red Hat rates this issue as having Low impact for Red Hat AI products. Shipped vLLM versions in Red Hat OpenShift AI, Red Hat AI Inference Server, and Red Hat Enterprise Linux AI do not include the vulnerable regular expression code paths.", "threat_severity": "Low"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.6.3,0.9.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "0.9.0"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "vllm", "vendor": "vllm"}], "created": "2026-06-20T19:30:06.004108+00:00", "updated": "2026-06-20T20:00:06.401982+00:00", "vendors": ["vllm", "vllm$PRODUCT$vllm"]}