CVE-2026-34753: vLLM: Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

April 3, 2026 (updated April 6, 2026)

A Server Side Request Forgery (SSRF) vulnerability in download_bytes_from_url allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions.

This can be used to target internal services (e.g. cloud metadata endpoints or internal HTTP APIs) reachable from the vLLM host.

References

github.com/advisories/GHSA-pf3h-qjgv-vcpr
github.com/vllm-project/vllm
github.com/vllm-project/vllm/commit/57861ae48d3493fa48b4d7d830b7ec9f995783e7
github.com/vllm-project/vllm/pull/38482
github.com/vllm-project/vllm/security/advisories/GHSA-pf3h-qjgv-vcpr
nvd.nist.gov/vuln/detail/CVE-2026-34753

Code Behaviors & Features

Detect and mitigate CVE-2026-34753 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →