dCERT Flags vLLM Flaws and Spring Security Authentication Bypass
dCERT published two security advisories covering separate software risks: multiple vulnerabilities in vllm and a VMware Tanzu Spring Security flaw that can bypass security measures. The vllm advisory identifies more than one issue affecting the large language model serving software, while the Spring Security advisory warns that affected deployments may allow protections to be circumvented.
The notices indicate that organizations using either product should review the relevant dCERT advisories, determine exposure in their environments, and prioritize remediation. The Spring Security issue is especially significant for internet-facing or authentication-dependent applications because a bypass in security controls can undermine access restrictions, while the vllm findings raise concern for AI infrastructure operators running vulnerable versions in production or shared environments.
Timeline
May 6, 2026
dCERT publishes vLLM denial-of-service vulnerability advisory
dCERT published Advisory 2026-1341 for vLLM describing a vulnerability that allows denial of service. The reference does not provide additional technical details, exploitation information, or remediation timeline.
Apr 29, 2026
dCERT publishes vLLM denial-of-service vulnerability advisory
dCERT published Advisory 2026-1279 for vLLM describing a vulnerability that allows denial of service. The reference does not provide additional technical details, exploitation information, or remediation timeline.
Apr 28, 2026
dCERT publishes vLLM file manipulation vulnerability advisory
dCERT published Advisory 2026-1267 for vLLM, describing a KV Block Handler vulnerability that allows manipulation of files. The reference does not provide additional technical details, exploitation information, or remediation timeline.
Apr 22, 2026
dCERT publishes VMware Tanzu Spring Security multiple vulnerabilities advisory
dCERT published Advisory 2026-1199 for VMware Tanzu Spring Security identifying multiple vulnerabilities. The reference does not provide additional technical details, exploitation information, or remediation timeline.
Apr 8, 2026
dCERT publishes vLLM multiple vulnerabilities advisory
dCERT published Advisory 2026-0966 for vLLM identifying multiple vulnerabilities. The reference provides no additional technical details, exploitation information, or remediation timeline.
Mar 27, 2026
dCERT publishes vLLM code execution vulnerability advisory
dCERT published Advisory 2026-0869 for vLLM describing a vulnerability that allows code execution. The reference does not provide additional technical details or remediation information.
Mar 20, 2026
dCERT publishes VMware Tanzu Spring Security advisory
dCERT published Advisory 2026-0783 for VMware Tanzu Spring Security, describing a vulnerability that allows bypassing security measures. The reference does not include further details on exploitation or patch availability.
Jan 22, 2026
dCERT publishes vLLM multiple vulnerabilities advisory
dCERT published Advisory 2026-0194 for vLLM, identifying multiple vulnerabilities in the software. No additional technical details or remediation timeline are provided in the reference.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Sources
3 more from sources like dcert
Related Stories
Spring fixes TLS hostname verification flaws and DevTools timing attack issue
Spring published advisories for four vulnerabilities affecting its ecosystem, including three flaws in auto-configuration for **Elasticsearch**, **Cassandra**, and **RabbitMQ** that can disable TLS hostname verification when an SSL bundle is used. The issues are tracked as `CVE-2026-40970`, `CVE-2026-40974`, and `CVE-2026-40971`, respectively, and could weaken certificate validation for connections to those backend services. A fourth advisory, `CVE-2026-40972`, affects **Spring DevTools** and states that remote secret comparison is vulnerable to timing attacks. Together, the disclosures highlight risks in both transport security and authentication-related logic, with the TLS-related bugs potentially exposing applications to man-in-the-middle scenarios and the DevTools issue creating an avenue for attackers to infer secrets through response timing differences.
1 weeks ago
Critical RCE Flaws Disclosed in Ivanti CSA and VMware vCenter
Critical vulnerabilities were disclosed in **Ivanti Cloud Services Application (CSA)** and **VMware vCenter Server** products, exposing enterprise management platforms to remote compromise. Ivanti said CSA `5.0.2` and earlier contain three flaws—`CVE-2024-11639`, `CVE-2024-11772`, and `CVE-2024-11773`—that can enable authentication bypass, remote code execution, and arbitrary SQL query execution through the administrator browser console, with the most severe issues rated **CVSS 10.0**. Ivanti released fixes in CSA `5.0.3` and urged customers to update immediately. VMware also disclosed two vulnerabilities affecting **vCenter Server** and **VMware Cloud Foundation**: `CVE-2024-38812`, a heap overflow that can allow arbitrary code execution, and `CVE-2024-38813`, which can enable privilege escalation to root. The flaws affect vCenter Server `7.0` and `8.0` as well as VMware Cloud Foundation `4.x` and `5.x`, and can be exploited remotely over the network using specially crafted packets. In both vendor notices, no active exploitation had been confirmed at the time of disclosure, but organizations and service providers were advised to apply vendor-fixed versions without delay because successful attacks could result in full administrative compromise.
1 weeks ago
High-Severity Flaws in Langflow and vLLM Expose Secrets and Enable RCE
Two high-severity vulnerabilities were disclosed in widely used AI application components, affecting **Langflow** and **vLLM**. In Langflow, `CVE-2026-33497` impacts versions before **1.7.1** and stems from improper filtering of `folder_name` and `file_name` in the `/profile_pictures/{folder_name}/{file_name}` endpoint. The path traversal flaw (`CWE-22`) allows unauthenticated attackers to read files across directories, including the application's `secret_key`, creating a direct risk of secret exposure and follow-on compromise. The issue is addressed in **Langflow 1.7.1** and tracked in GitHub advisory `GHSA-ph9w-r52h-28p7`. A separate flaw in vLLM, `CVE-2026-27893`, can lead to **remote code execution** by bypassing a user's attempt to disable remote code trust. In versions from **0.10.1** up to but not including **0.18.0**, two model implementation files hardcoded `trust_remote_code=True`, overriding the safer `--trust-remote-code=False` setting and allowing malicious model repositories to run code during model use. The vulnerability, classified as `CWE-693`, was patched in **vLLM 0.18.0**, underscoring supply-chain and configuration-bypass risks in AI infrastructure components.
1 months ago