vLLM: OpenAI auth bypass_CVE-2026-48746

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Description

vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing the configured VLLM_API_KEY or --api-key. This vulnerability is fixed in 0.22.0.

AI Analysis

Authentication bypass vulnerability in vLLM's OpenAI API AuthenticationMiddleware

Basic Information

ID CVE-2026-48746

Source GitHub_M

Published Jun 22, 2026 at 21:57

Affected Product

Vendor vllm-project

Product vllm

Version >= 0.3.0, < 0.22.0

Affected Versions vllm-project vllm >= 0.3.0, < 0.22.0

CWE Classification

CWE-444

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor vllm-project

Product vLLM

Version 0.3.0-0.22.0

References

{
    "lastseen": "",
    "description": "vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing the configured VLLM_API_KEY or --api-key. This vulnerability is fixed in 0.22.0.",
    "published": "2026-06-22T21:57:28.997Z",
    "modified": "2026-06-22T21:57:28.997Z",
    "type": "cve",
    "title": "vLLM: OpenAI auth bypass",
    "source": "GitHub_M",
    "references": "https://github.com/vllm-project/vllm/security/advisories/GHSA-94f4-hr76-p5j6\nhttps://github.com/vllm-project/vllm/pull/43426\nhttps://x41-dsec.de/lab/advisories/x41-2026-002-starlette",
    "id": "CVE-2026-48746",
    "bulletinFamily": "",
    "cwe": [
        "CWE-444"
    ],
    "cvelist": null,
    "sourceData": "vllm-project vllm >= 0.3.0, < 0.22.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "vllm",
    "version": ">= 0.3.0, < 0.22.0",
    "vendor": "vllm-project",
    "ai_description": "Authentication bypass vulnerability in vLLM's OpenAI API AuthenticationMiddleware",
    "ai_severity": "Critical",
    "ai_vendor": "vllm-project",
    "ai_product": "vLLM",
    "ai_version": "0.3.0-0.22.0",
    "ai_score": 9.1
}