CVE-2026-41523: vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution

June 16, 2026

An assert-based security check in vLLM’s activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1).

References

github.com/advisories/GHSA-q8gq-377p-jq3r
github.com/vllm-project/vllm/commit/b3c7ffcab82c2439726f8cb213800f6f38c023d3
github.com/vllm-project/vllm/security/advisories/GHSA-q8gq-377p-jq3r
huntr.com/bounties/dcb05b04-e625-41e7-adbc-bbae0cc2d64c
nvd.nist.gov/vuln/detail/CVE-2026-41523

Code Behaviors & Features

Detect and mitigate CVE-2026-41523 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →