Skip to content
Tools / vllm / Security

Security Deep Dive

vllm

Security posture and CVE patch evidence from tracked releases.

Back to Tool

11 critical dependency CVEs affects v0.22.0.

Audit transitive dependencies; consider upgrading or pinning replacements.

— Signed — SLSA — SBOM ✓ Security policy Weekly cadence · 9d median Active maintainer

Trust Signals — 3 of 9 Present

Evidence already collected from releases and repository metadata.

3/9 Present
Signed releases Unknown
Latest release artifact signature Latest release
SLSA provenance Unknown
Attestation predicate level Latest release
SBOM published Unknown
GitHub SBOM API Latest release
SECURITY.md Present
GitHub repository metadata Repository policy
Checked: 23d ago
Release cadence: weekly Present
9d median over recent releases Release history
Latest release: 5d ago
Maintainer active Present
Recent commit activity Repository
Last commit: 1d ago
Checksums (SHA256SUMS) Not active yet
SHA256SUMS or equivalent Release asset
Latest release: 5d ago
GitHub Actions attestation Not active yet
actions/attest-build-provenance Workflow file
Latest release: 5d ago
Signing assets Not active yet
.sig, .crt, cosign.pub, or similar Release asset
Latest release: 5d ago
3.8/10 Security Score
Dependency Exposure 140 transitive dependency CVEs found in the latest SBOM. 11 critical.

Security Score

A composite score aggregating Scorecard performance, CVE patch history, OpenSSF badge tier, and dependency vulnerability exposure. Score ≥ 7.0 is healthy; < 4.0 warrants attention.

epss

0.25 / 0.5

No EPSS data

freshness

1.00 / 1.0

1d stale

scorecard

2.00 / 4.0

⚠ Estimated — not yet collected

cve health

0.00 / 2.5

No open CVEs

patch speed

0.50 / 0.5

⚠ Estimated — no CVE patch history

kev exposure

1.50 / 1.5

No KEV exposure

supply chain risk

-1.50 / 10.0

Risk 100.0/100

Score breakdown

schema v2

Vulnerability posture

vulnerability posture

0.0

25%

direct cves: clear cve scan: available

Release responsiveness

release responsiveness

10.0

5%

patch speed days: no_history

Dependency exposure

dependency exposure

0.0

10%

supply chain risk: 100.0 transitive cves: 11c/55h

Provenance trust

provenance trust

5.0

40%

scorecard score: estimated openssf badge: none

Maintainer health

maintainer health

10.0

10%

activity freshness: 1d

Operational risk

operational risk

8.5

10%

kev exposure: clear epss max: none
How is this calculated?

The six dimensions group the legacy score signals into weighted categories: direct vulnerability status, patch responsiveness, dependency exposure, provenance checks, maintainer activity, and exploitability risk. The flat component values above remain available for compatibility.

Supply Chain Risk

Risk 100.0/100
11 Transitive critical CVEs
0 KEV-transitive CVEs
34% Dependency freshness

Dependency Vulnerabilities

1194 dependencies scanned View full dependency list →

Scanning the SBOM (Software Bill of Materials) of the latest release for known vulnerabilities in transitive dependencies.

Critical

11

High

55

Medium

54

Low

15

Unknown

5

Still affecting latest (4) All (140)
Critical 11 High 55 Medium 54 Low 15 Unknown 5
CVE Severity KEV Dependency Affected version Cleared in release
CVE-2019-6446 critical numpy v0.20.2
CVE-2021-41945 critical httpx v0.20.2
CVE-2023-48022 critical ray 2.48.0 v0.20.2
CVE-2023-6019 critical ray v0.20.2
CVE-2023-6020 critical ray v0.20.2
CVE-2023-6021 critical ray v0.20.2
CVE-2025-14009 critical nltk 3.9.1 v0.20.2
CVE-2025-34351 critical ray 2.48.0 v0.20.2
CVE-2025-43859 critical h11 0.14.0 v0.20.2
CVE-2025-62593 critical ray 2.48.0 v0.20.2
GHSA-jxr6-qrxx-2ph2 critical num2words v0.20.2
CVE-2013-1633 high setuptools 77.0.3,< 80.0.0 v0.20.2
CVE-2014-1858 high numpy v0.20.2
CVE-2014-1859 high numpy v0.20.2
CVE-2017-12852 high numpy v0.20.2
CVE-2019-14491 high opencv-python-headless v0.20.2
CVE-2019-14492 high opencv-python-headless v0.20.2
CVE-2019-14493 high opencv-python-headless v0.20.2
CVE-2019-5063 high opencv-python-headless v0.20.2
CVE-2019-5064 high opencv-python-headless v0.20.2
CVE-2019-9423 high opencv-python-headless v0.20.2
CVE-2021-40978 high mkdocs v0.20.2
CVE-2021-41495 high numpy v0.20.2
CVE-2022-40897 high setuptools 77.0.3,< 80.0.0 v0.20.2
CVE-2022-40898 high wheel v0.20.2
CVE-2024-11392 high transformers 4.46 v0.20.2
CVE-2024-11393 high transformers 4.46 v0.20.2
CVE-2024-11394 high transformers 4.46 v0.20.2
CVE-2024-26134 high cbor2 v0.20.2
CVE-2024-35515 high sqlitedict 2.1.0 v0.20.2
CVE-2024-6345 high setuptools 77.0.3,< 80.0.0 v0.20.2
CVE-2025-47273 high setuptools 77.0.3 v0.20.2
CVE-2025-53365 high mcp v0.20.2
CVE-2025-53366 high mcp v0.20.2
CVE-2025-66416 high mcp v0.20.2
CVE-2025-66418 high urllib3 2.2.3 v0.20.2
CVE-2025-66471 high urllib3 2.2.3 v0.20.2
CVE-2025-67221 high orjson 3.11.5 v0.20.2
CVE-2025-69223 high aiohttp 3.10 v0.20.2
CVE-2025-69662 high geopandas 1.0.1 v0.20.2
CVE-2026-0846 high nltk 3.9.1 v0.20.2
CVE-2026-0847 high nltk 3.9.1 v0.20.2
CVE-2026-1260 high sentencepiece v0.20.2
CVE-2026-21441 high urllib3 2.2.3 v0.20.2
CVE-2026-23490 high pyasn1 0.6.1 v0.20.2
CVE-2026-24049 high wheel v0.20.2
CVE-2026-25990 high pillow 10.4.0 v0.20.2
CVE-2026-26007 high cryptography 46.0.0 v0.20.2
CVE-2026-26209 high cbor2 v0.20.2
CVE-2026-30922 high pyasn1 0.6.1 v0.20.2
CVE-2026-32274 high black 24.10.0 v0.20.2
CVE-2026-32597 high pyjwt 2.11.0 v0.20.2
CVE-2026-33231 high nltk 3.9.1 v0.20.2
CVE-2026-33236 high nltk 3.9.1 v0.20.2
CVE-2026-40192 high pillow 10.4.0 v0.20.2
CVE-2026-41066 high lxml 5.3.0 v0.20.2
CVE-2026-41486 high ray v0.20.2
CVE-2026-42215 high gitpython 3.1.44 v0.20.2
CVE-2026-42284 high gitpython 3.1.44 v0.20.2
CVE-2026-42311 high pillow 10.4.0 v0.20.2
CVE-2026-42561 high python-multipart 0.0.26 v0.20.2
CVE-2026-44243 high gitpython 3.1.44 v0.20.2
CVE-2026-44244 high gitpython 3.1.44 v0.20.2
CVE-2026-44307 high mako 1.3.10 v0.20.2
CVE-2026-44513 high diffusers 0.36.0 v0.20.2
GHSA-jh2j-j4j9-crg3 high opencv-python-headless v0.20.2
CVE-2017-5992 medium openpyxl v0.20.2
CVE-2019-15939 medium opencv-python-headless v0.20.2
CVE-2019-16249 medium opencv-python-headless v0.20.2
CVE-2019-19624 medium opencv-python-headless v0.20.2
CVE-2021-29510 medium pydantic v0.20.2
CVE-2021-33430 medium numpy v0.20.2
CVE-2021-34141 medium numpy v0.20.2
CVE-2021-41496 medium numpy v0.20.2
CVE-2024-12720 medium transformers 4.46 v0.20.2
CVE-2024-3772 medium pydantic v0.20.2
CVE-2024-42367 medium aiohttp 3.10 v0.20.2
CVE-2024-47081 medium requests 2.32.3 v0.20.2
CVE-2024-52304 medium aiohttp 3.10 v0.20.2
CVE-2025-1194 medium transformers 4.46 v0.20.2
CVE-2025-1979 medium ray v0.20.2
CVE-2025-2099 medium transformers 4.46 v0.20.2
CVE-2025-3263 medium transformers 4.46 v0.20.2
CVE-2025-3264 medium transformers 4.46 v0.20.2
CVE-2025-3933 medium transformers 4.46 v0.20.2
CVE-2025-50181 medium urllib3 2.2.3 v0.20.2
CVE-2025-50182 medium urllib3 2.2.3 v0.20.2
CVE-2025-5197 medium transformers 4.46 v0.20.2
CVE-2025-6051 medium transformers 4.46 v0.20.2
CVE-2025-66034 medium fonttools 4.55.0 v0.20.2
CVE-2025-66221 medium werkzeug 3.1.3 v0.20.2
CVE-2025-6638 medium transformers 4.46 v0.20.2
CVE-2025-68131 medium cbor2 v0.20.2
CVE-2025-68146 medium filelock 3.16.1 v0.20.2
CVE-2025-6921 medium transformers 4.46 v0.20.2
CVE-2025-69227 medium aiohttp 3.10 v0.20.2
CVE-2025-69228 medium aiohttp 3.10 v0.20.2
CVE-2025-69229 medium aiohttp 3.10 v0.20.2
CVE-2025-69872 medium diskcache 5.6.3 v0.20.2
CVE-2025-71176 medium pytest 8.3.5 v0.20.2
CVE-2026-1839 medium transformers 4.46 v0.20.2
CVE-2026-21860 medium werkzeug 3.1.3 v0.20.2
CVE-2026-22701 medium filelock 3.16.1 v0.20.2
CVE-2026-22702 medium virtualenv 20.31.2 v0.20.2
CVE-2026-22815 medium aiohttp 3.13.3 v0.20.2
CVE-2026-25645 medium requests 2.32.3 v0.20.2
CVE-2026-27199 medium werkzeug 3.1.3 v0.20.2
CVE-2026-27482 medium ray 2.48.0 v0.20.2
CVE-2026-33230 medium nltk 3.9.1 v0.20.2
CVE-2026-34450 medium anthropic v0.20.2
CVE-2026-34452 medium anthropic v0.20.2
CVE-2026-34515 medium aiohttp 3.13.3 v0.20.2
CVE-2026-34516 medium aiohttp 3.13.3 v0.20.2
CVE-2026-34525 medium aiohttp 3.13.3 v0.20.2
CVE-2026-39892 medium cryptography 46.0.5 v0.20.2
CVE-2026-41205 medium mako 1.3.10 v0.20.2
CVE-2026-42308 medium pillow 10.4.0 v0.20.2
CVE-2026-42309 medium pillow 12.1.1 v0.20.2
CVE-2026-42310 medium pillow 10.4.0 v0.20.2
GHSA-rf74-v2fm-23pw medium nltk 3.9.1 v0.20.2
CVE-2024-34062 low tqdm 4.66 v0.20.2
CVE-2025-3777 low transformers 4.46 v0.20.2
CVE-2025-53643 low aiohttp 3.10 v0.20.2
CVE-2025-69224 low aiohttp 3.10 v0.20.2
CVE-2025-69225 low aiohttp 3.10 v0.20.2
CVE-2025-69226 low aiohttp 3.10 v0.20.2
CVE-2025-69230 low aiohttp 3.10 v0.20.2
CVE-2026-34073 low cryptography 46.0.5 v0.20.2
CVE-2026-34513 low aiohttp 3.13.3 v0.20.2
CVE-2026-34514 low aiohttp 3.13.3 v0.20.2
CVE-2026-34517 low aiohttp 3.13.3 v0.20.2
CVE-2026-34518 low aiohttp 3.13.3 v0.20.2
CVE-2026-34519 low aiohttp 3.13.3 v0.20.2
CVE-2026-34520 low aiohttp 3.13.3 v0.20.2
CVE-2026-4539 low pygments 2.18.0 v0.20.2
CVE-2020-13091 unknown pandas v0.20.2
CVE-2022-42969 unknown py 1.11.0 v0.20.2
MAL-2025-6794 unknown num2words v0.20.2
PYSEC-2023-184 unknown opencv-python-headless v0.20.2
PYSEC-2025-72 unknown num2words v0.20.2

Showing 140 of 140

Beta — feedback welcome: [email protected]