CVE-2026-55514: CWE-617: Reachable Assertion in vllm-project vllm
vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is authorized to make a /v1/completions request can make such a request and induce a crash. This issue is fixed in version 0.24.0.
AI Analysis
Technical Summary
vLLM, a library for large language model inference and serving, has a reachable assertion vulnerability (CWE-617) in versions >=0.12.0 and <0.24.0. When a pure prompt with a payload is sent in a /v1/completions request using a model with M-RoPE, the EngineCore component fails an assertion and fatally crashes, causing the entire server to shut down. This vulnerability can be exploited remotely by any authorized user of the /v1/completions endpoint. The vulnerability has a CVSS 4.0 base score of 7.1 (high severity). The issue is resolved in version 0.24.0.
Potential Impact
Exploitation results in a denial of service by crashing the EngineCore and shutting down the entire vLLM server application. This can be triggered remotely by any user authorized to make /v1/completions requests, potentially disrupting availability of the service.
Mitigation Recommendations
Upgrade vLLM to version 0.24.0 or later where this assertion failure vulnerability is fixed. No other mitigation or workaround is documented. Patch status is confirmed by the vendor advisory stating the fix is in 0.24.0.
CVE-2026-55514: CWE-617: Reachable Assertion in vllm-project vllm
Description
vLLM is a library for LLM inference and serving. From 0.12.0 to before 0.24.0, sending a pure prompt embeds payload in a /v1/completions request with a model using M-RoPE causes EngineCore to fail an assertion and fatally crash, shutting down the entire server application. Any remote user who is authorized to make a /v1/completions request can make such a request and induce a crash. This issue is fixed in version 0.24.0.
CVSS v4.0
Score 7.1high
Affected software
pkg:github/vllm-project/vllmRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
vLLM, a library for large language model inference and serving, has a reachable assertion vulnerability (CWE-617) in versions >=0.12.0 and <0.24.0. When a pure prompt with a payload is sent in a /v1/completions request using a model with M-RoPE, the EngineCore component fails an assertion and fatally crashes, causing the entire server to shut down. This vulnerability can be exploited remotely by any authorized user of the /v1/completions endpoint. The vulnerability has a CVSS 4.0 base score of 7.1 (high severity). The issue is resolved in version 0.24.0.
Potential Impact
Exploitation results in a denial of service by crashing the EngineCore and shutting down the entire vLLM server application. This can be triggered remotely by any user authorized to make /v1/completions requests, potentially disrupting availability of the service.
Mitigation Recommendations
Upgrade vLLM to version 0.24.0 or later where this assertion failure vulnerability is fixed. No other mitigation or workaround is documented. Patch status is confirmed by the vendor advisory stating the fix is in 0.24.0.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-06-16T22:44:22.284Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a4c11fc27e9c797192ee53b
Added to database: 07/06/2026, 20:37:16 UTC
Last enriched: 07/06/2026, 20:52:08 UTC
Last updated: 07/06/2026, 23:11:00 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.