Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

299 New today

64,626 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

305

Jun 22

Jun 23

Critical

High

Medium

Low

Latest

CVE CVSS 5.3

vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router_CVE-2026-54236

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: severa...

CVE-2026-54236 vllm-project vllm < 0.23.1rc0

Jun 22, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.9	CVE-2026-54235	vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels_CVE-2026-54235 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operat...	vllm-project	vllm < 0.23.1rc0	Jun 22, 2026	CVE
MEDIUM 6.5	CVE-2026-54233	vLLM: OOM Denial of Service via Audio Decompression Bomb_CVE-2026-54233 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compr...	vllm-project	vllm < 0.23.1rc0	Jun 22, 2026	CVE
HIGH 8.8	CVE-2026-54232	vLLM: Dependency Confusion Vulnerability in vLLM Dockerfile_CVE-2026-54232 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confus...	vllm-project	vllm < 0.22.1	Jun 22, 2026	CVE
MEDIUM 5.3	CVE-2026-53923	vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow_CVE-2026-53923 vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vL...	vllm-project	vllm >= 0.5.5, < 0.23.1rc0	Jun 22, 2026	CVE
CRITICAL 9.1	CVE-2026-48746	vLLM: OpenAI auth bypass_CVE-2026-48746 vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlett...	vllm-project	vllm >= 0.3.0, < 0.22.0	Jun 22, 2026	CVE
MEDIUM 6.5	CVE-2026-47155	vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processors_CVE-2026-47155 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently app...	vllm-project	vllm < 0.22.0	Jun 22, 2026	CVE
HIGH 7.5	CVE-2026-41523	vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution_CVE-2026-41523 vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation func...	vllm-project	vllm < 0.22.0	Jun 22, 2026	CVE
NONE	959BDE59-627E-	bypass-code-defender_959BDE59-627E-5EBC-B239-D7E23BC18A90 ansi ┌──root💀bypass- └─ cat /etc/bypass-code/about ─────────────────────────────────── yaml system: name: "BYPASSCODE" role: "server / vps guardia...	N/A	N/A	Jun 22, 2026	GITHUBEXPLOIT
HIGH 8.8	MS:CVE-2026-12439	Chromium: CVE-2026-12439 Use after free in Digital Credentials_MS:CVE-2026-12439 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 19, 2026	MSCVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router_CVE-2026-54236

Recent Advisories

vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels_CVE-2026-54235

vLLM: OOM Denial of Service via Audio Decompression Bomb_CVE-2026-54233

vLLM: Dependency Confusion Vulnerability in vLLM Dockerfile_CVE-2026-54232

vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow_CVE-2026-53923

vLLM: OpenAI auth bypass_CVE-2026-48746

vLLM: Artifact Pin Decay in vLLM allows pinned deployments to load unpinned code, weights, and processors_CVE-2026-47155

vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution_CVE-2026-41523

bypass-code-defender_959BDE59-627E-5EBC-B239-D7E23BC18A90

Chromium: CVE-2026-12439 Use after free in Digital Credentials_MS:CVE-2026-12439

Protect Your Attack Surface with RedGem

Security Intelligence
Feed