CVE-2025-48942 — vLLM DOS: Remotely kill vllm over http with invalid JSON schema

Description

vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8.0 up to but excluding 0.9.0, hitting the /v1/completions API with a invalid json_schema as a Guided Param kills the vllm server. This vulnerability is similar GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, but for regex instead of a JSON schema. Version 0.9.0 fixes the issue.

How to fix CVE-2025-48942

To remediate CVE-2025-48942, upgrade the affected package to a fixed version below.

—upgrade to 0.9.0 or later
—upgrade to 08bf7840780980c7568c573c70a6a8db94fd45ff or later

Is CVE-2025-48942 being exploited?

Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

>= 0.8.0, < 0.9.0
from 0, < 08bf7840780980c7568c573c70a6a8db94fd45ff | >= 0.8.0, < 0.9.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References (7)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-48942
PATCHgithub.com/vllm-project/vllm
WEBgithub.com/pypa/advisory-database/tree/main/vulns/vllm/PYSEC-2025-54.yaml
WEBgithub.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff