CVE-2025-48943 — vLLM allows clients to crash the openai server with invalid regex

Description

vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 up to but excluding 0.9.0 have a Denial of Service (ReDoS) that causes the vLLM server to crash if an invalid regex was provided while using structured output. This vulnerability is similar to GHSA-6qc9-v4r8-22xg/CVE-2025-48942, but for regex instead of a JSON schema. Version 0.9.0 fixes the issue.

How to fix CVE-2025-48943

To remediate CVE-2025-48943, upgrade the affected package to a fixed version below.

—upgrade to 0.9.0 or later
—upgrade to 08bf7840780980c7568c573c70a6a8db94fd45ff or later

Is CVE-2025-48943 being exploited?

Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

>= 0.8.0, < 0.9.0
from 0, < 08bf7840780980c7568c573c70a6a8db94fd45ff | >= 0.8.0, < 0.9.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References (7)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-48943
PATCHgithub.com/vllm-project/vllm
WEBgithub.com/pypa/advisory-database/tree/main/vulns/vllm/PYSEC-2025-55.yaml
WEBgithub.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff