CVE-2025-46722: vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
(updated )
In the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes(), which returns only the raw pixel data, without including metadata such as the image’s shape (width, height, mode). As a result, two images of different sizes (e.g., 30x100 and 100x30) with the same pixel byte sequence could generate the same hash value. This may lead to hash collisions, incorrect cache hits, and even data leakage or security risks.
References
- github.com/advisories/GHSA-c65p-x677-fgj6
- github.com/pypa/advisory-database/tree/main/vulns/vllm/PYSEC-2025-43.yaml
- github.com/vllm-project/vllm
- github.com/vllm-project/vllm/commit/99404f53c72965b41558aceb1bc2380875f5d848
- github.com/vllm-project/vllm/pull/17378
- github.com/vllm-project/vllm/security/advisories/GHSA-c65p-x677-fgj6
- nvd.nist.gov/vuln/detail/CVE-2025-46722
Code Behaviors & Features
Detect and mitigate CVE-2025-46722 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →