{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/vllm/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["vLLM","RCE","CVE-2026-27893"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003evLLM is an inference and serving engine for large language models (LLMs). Versions from 0.10.1 up to, but not including, 0.18.0 contain a critical vulnerability: two model implementation files within vLLM hardcode the setting \u003ccode\u003etrust_remote_code=True\u003c/code\u003e when loading sub-components of models. This design flaw overrides the user\u0026rsquo;s explicit choice to disable remote code execution with the \u003ccode\u003e--trust-remote-code=False\u003c/code\u003e option. An attacker could craft a malicious model repository that…\u003c/p\u003e\n","date_modified":"2026-03-27T00:16:22Z","date_published":"2026-03-27T00:16:22Z","id":"/briefs/2026-03-vllm-rce/","summary":"vLLM versions before 0.18.0 are vulnerable to remote code execution due to hardcoded trust of remote code, even when explicitly disabled by the user, allowing attackers to execute arbitrary code via malicious model repositories.","title":"vLLM Remote Code Execution Vulnerability (CVE-2026-27893)","url":"https://feed.craftedsignal.io/briefs/2026-03-vllm-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — VLLM","version":"https://jsonfeed.org/version/1.1"}