CRITICAL 9.8

PYSEC-2026-566

vLLM Deserialization of Untrusted Data vulnerability

Details

vllm-project vllm version v0.6.2 contains a vulnerability in the MessageQueue.dequeue() API function. The function passes data received from the socket directly to pickle.loads, which leads to remote code execution. An attacker can exploit this by sending a malicious payload to the MessageQueue, causing the victim's machine to execute arbitrary code.


Affected packages

PyPI / vllm
Introduced in: 0

No fixed version published yet for vllm (pip). Pin to a known-safe version or switch to an alternative.
