Title:vLLM 代码注入漏洞 (CVE-2026-22807) Description:vLLM是vLLM开源的一个适用于 LLM 的高吞吐量和内存高效推理和服务引擎。 vLLM 0.10.1版本至0.14.0之前版本存在代码注入漏洞,该漏洞源于在模型解析期间加载Hugging Face auto_map动态模块时未受信任远程代码控制,可能导致攻击者在模型加载时执行任意代码。
Description
CVE-2026-22807的靶场
File Snapshot
None
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.