CVE-2025-48944: vLLM Tool Schema allows DoS via Malformed pattern and type Fields
The vLLM backend behind the OpenAI-compatible /v1/chat/completions endpoint does not validate unexpected or malformed values in the "pattern" and "type" fields of a tool's parameter schema when a request uses the tool-calling ("tools") functionality. Those fields are handed to the schema compiler and parser without being checked first, so a single request carrying a malformed value crashes the inference worker. The worker stays down until it is restarted, and requests routed to it fail in the meantime, which makes this a remotely triggerable denial of service.
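The following added example (written for this page, not code from vLLM or GitLab) shows the failure mode in miniature and the check that prevents it. The request bodies are constructed, the TYPE_TO_REGEX table is a hypothetical stand-in for what a guided-decoding backend does with a JSON-schema "type", and the function names are my own: unguarded_compile feeds "type" and "pattern" straight to the compiler, the way the advisory describes, while handle_request validates every tool schema in the API layer and answers 400 instead of letting the exception reach the worker.

```python
import re

# Hypothetical stand-in for a guided-decoding backend's type table: the regex
# a JSON value of each schema "type" has to match. Not vLLM's own table.
TYPE_TO_REGEX = {
    "string": r'"[^"]*"',
    "integer": r"-?\d+",
    "number": r"-?\d+(\.\d+)?",
    "boolean": r"true|false",
    "null": r"null",
    "object": r"\{.*\}",
    "array": r"\[.*\]",
}


class ToolSchemaError(ValueError):
    """A malformed tool schema; the API layer turns it into an HTTP 400."""


def unguarded_compile(request_body):
    """The vulnerable shape: "type" and "pattern" go straight to the compiler.
    An unknown type raises KeyError, an invalid pattern raises re.error, and
    when that happens inside an inference worker the process dies."""
    compiled = []
    for tool in request_body["tools"]:
        props = tool["function"]["parameters"].get("properties", {})
        for name, prop in props.items():
            type_re = TYPE_TO_REGEX[prop["type"]]          # KeyError on bad type
            value_re = prop.get("pattern", ".*")
            compiled.append((name, re.compile(type_re), re.compile(value_re)))  # re.error on bad pattern
    return compiled


def _check_node(node, path):
    """Walk one JSON-schema node and reject anything the compiler cannot take."""
    if not isinstance(node, dict):
        raise ToolSchemaError(f"{path}: schema node must be a JSON object")
    declared = node.get("type")
    if declared is not None:
        for t in (declared if isinstance(declared, list) else [declared]):
            if not isinstance(t, str) or t not in TYPE_TO_REGEX:
                raise ToolSchemaError(f"{path}.type: unsupported type {t!r}")
    pattern = node.get("pattern")
    if pattern is not None:
        if not isinstance(pattern, str):
            raise ToolSchemaError(f"{path}.pattern: must be a string")
        try:
            re.compile(pattern)
        except re.error as exc:
            raise ToolSchemaError(f"{path}.pattern: invalid regex ({exc})") from exc
    props = node.get("properties", {})
    if not isinstance(props, dict):
        raise ToolSchemaError(f"{path}.properties: must be a JSON object")
    for name, child in props.items():
        _check_node(child, f"{path}.properties.{name}")
    if "items" in node:
        _check_node(node["items"], f"{path}.items")
    for combinator in ("anyOf", "oneOf", "allOf"):
        children = node.get(combinator, [])
        if not isinstance(children, list):
            raise ToolSchemaError(f"{path}.{combinator}: must be a list")
        for i, child in enumerate(children):
            _check_node(child, f"{path}.{combinator}[{i}]")


def validate_tools(request_body):
    """Validate every tool's parameter schema; return the tool names."""
    names = []
    for i, tool in enumerate(request_body.get("tools") or []):
        fn = tool.get("function") if isinstance(tool, dict) else None
        if not isinstance(fn, dict) or not isinstance(fn.get("name"), str):
            raise ToolSchemaError(f"tools[{i}]: function.name is required")
        _check_node(fn.get("parameters", {"type": "object"}),
                    f"tools[{i}].function.parameters")
        names.append(fn["name"])
    return names


def handle_request(request_body):
    """API-layer wrapper: reject a malformed schema with 400 before the request
    is dispatched, so one bad request cannot take the worker down."""
    try:
        return {"status": 200, "tools": validate_tools(request_body)}
    except ToolSchemaError as exc:
        return {"status": 400, "error": str(exc)}


def _request(parameters):
    # Constructed chat-completion request body with a single tool definition.
    return {"model": "demo", "messages": [{"role": "user", "content": "hi"}],
            "tools": [{"type": "function",
                       "function": {"name": "lookup", "parameters": parameters}}]}


GOOD_REQUEST = _request({"type": "object", "properties": {
    "id": {"type": "string", "pattern": r"^[a-z]{3}-[0-9]+$"}}})
BAD_PATTERN_REQUEST = _request({"type": "object", "properties": {
    "id": {"type": "string", "pattern": "^(abc"}}})      # unterminated group
BAD_TYPE_REQUEST = _request({"type": "object", "properties": {
    "id": {"type": "strnig"}}})                          # not a JSON-schema type

if __name__ == "__main__":
    for body in (GOOD_REQUEST, BAD_PATTERN_REQUEST, BAD_TYPE_REQUEST):
        print(handle_request(body))
```

Two caveats when applying this pattern to a real deployment: the validation must run in the API-server process, not inside the engine, since an exception in the engine is exactly what takes the worker down; and the regex check should use the same engine as the guided-decoding backend, because a pattern that Python's re accepts is not guaranteed to be accepted by the grammar compiler.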
Detect and mitigate CVE-2025-48944 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →