{"data":{"slug":"nizarislah-gitchameleon","name":"GitChameleon","trust":{"provenance":{"is_fork":false,"github_id":871284013,"owner_type":"User","methodology":"github_public_v1","parent_repo":null,"near_duplicate_slugs":[]},"computed_at":"2026-07-11T23:45:36.401Z","maintenance":{"label":"Slowing","score":36,"methodology":"github_public_v1","releases_90d":0,"days_since_push":358,"last_release_at":null},"security_summary":{"status":"findings","scanner":"osv@v1","low_count":23,"high_count":10,"last_scan_at":"2026-07-11T23:45:36.847Z","medium_count":12,"scan_profile":"deps","critical_count":3}},"findings":[{"id":"GHSA-3f6c-7fw2-ppm4","severity":"high","title":"vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class","package":"vllm@0.6.3","cve":"CVE-2025-6242","location":"requirements.txt"},{"id":"GHSA-3mwp-wvh9-7528","severity":"medium","title":"vLLM: Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server","package":"vllm@0.6.3","cve":"CVE-2026-34756","location":"requirements.txt"},{"id":"GHSA-3ww4-5jv9-j5gm","severity":"medium","title":"vLLM's Artifact Pin Decay allows pinned deployments to load unpinned code, weights, and processors","package":"vllm@0.6.3","cve":"CVE-2026-47155","location":"requirements.txt"},{"id":"GHSA-4qjh-9fv9-r85r","severity":"low","title":"Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching","package":"vllm@0.6.3","cve":"CVE-2025-46570","location":"requirements.txt"},{"id":"GHSA-5jv2-g5wq-cmr4","severity":"medium","title":"vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving","package":"vllm@0.6.3","cve":"CVE-2026-53923","location":"requirements.txt"},{"id":"GHSA-69j4-grxj-j64p","severity":"medium","title":"vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`","package":"vllm@0.6.3","cve":"CVE-2025-62426","location":"requirements.txt"},{"id":"GHSA-6fvq-23cw-5628","severity":"medium","title":"vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server","package":"vllm@0.6.3","cve":"CVE-2025-61620","location":"requirements.txt"},{"id":"GHSA-6pr9-rp53-2pmc","severity":"medium","title":"vLLM: OOM Denial of Service via Audio Decompression Bomb","package":"vllm@0.6.3","cve":"CVE-2026-54233","location":"requirements.txt"},{"id":"GHSA-7h4p-rffg-7823","severity":"medium","title":"vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels","package":"vllm@0.6.3","cve":"CVE-2026-54235","location":"requirements.txt"},{"id":"GHSA-8fr4-5q9j-m8gm","severity":"high","title":"vLLM vulnerable to remote code execution via transformers_utils/get_config","package":"vllm@0.6.3","cve":"CVE-2025-66448","location":"requirements.txt"},{"id":"GHSA-94f4-hr76-p5j6","severity":"critical","title":"vLLM: OpenAI auth bypass","package":"vllm@0.6.3","cve":"CVE-2026-48746","location":"requirements.txt"},{"id":"GHSA-98f3-hwg4-4rf7","severity":"medium","title":"vllm has Improper Resource Shutdown or Release","package":"vllm@0.6.3","cve":"CVE-2026-9540","location":"requirements.txt"},{"id":"GHSA-9f8f-2vmf-885j","severity":"high","title":"Data exposure via ZeroMQ on multi-node vLLM deployment","package":"vllm@0.6.3","cve":"CVE-2025-30202","location":"requirements.txt"},{"id":"GHSA-9pcc-gvx5-r5wm","severity":"high","title":"Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration","package":"vllm@0.6.3","cve":"CVE-2025-30165","location":"requirements.txt"},{"id":"GHSA-ggpf-24jw-3fcw","severity":"critical","title":"CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0","package":"vllm@0.6.3","location":"requirements.txt"},{"id":"GHSA-hgg8-fqqc-vfmw","severity":"medium","title":"vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router","package":"vllm@0.6.3","cve":"CVE-2026-54236","location":"requirements.txt"},{"id":"GHSA-hpv8-x276-m59f","severity":"medium","title":"vLLM Vulnerable to Remote DoS via Special-Token Placeholders","package":"vllm@0.6.3","cve":"CVE-2026-44222","location":"requirements.txt"},{"id":"GHSA-j828-28rj-hfhp","severity":"medium","title":"vLLM vulnerable to Regular Expression Denial of Service","package":"vllm@0.6.3","cve":"CVE-2025-71379","location":"requirements.txt"},{"id":"GHSA-mgrm-fgjv-mhv8","severity":"medium","title":"vLLM denial of service via outlines unbounded cache on disk","package":"vllm@0.6.3","cve":"CVE-2025-29770","location":"requirements.txt"},{"id":"GHSA-pgr7-mhp5-fgjp","severity":"critical","title":"vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object","package":"vllm@0.6.3","cve":"CVE-2024-9052","location":"requirements.txt"},{"id":"GHSA-pmqf-x6x8-p7qw","severity":"high","title":"vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs","package":"vllm@0.6.3","cve":"CVE-2025-62372","location":"requirements.txt"},{"id":"GHSA-q8gq-377p-jq3r","severity":"high","title":"vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution","package":"vllm@0.6.3","cve":"CVE-2026-41523","location":"requirements.txt"},{"id":"GHSA-qh4c-xf7m-gxfc","severity":"high","title":"vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector","package":"vllm@0.6.3","cve":"CVE-2026-24779","location":"requirements.txt"},{"id":"GHSA-rh4j-5rhw-hr54","severity":"high","title":"vllm: Malicious model to RCE by torch.load in hf_model_weights_iterator","package":"vllm@0.6.3","cve":"CVE-2025-24357","location":"requirements.txt"},{"id":"GHSA-rm76-4mrf-v9r8","severity":"low","title":"vLLM uses Python 3.12 built-in hash() which leads to predictable hash collisions in prefix cache","package":"vllm@0.6.3","cve":"CVE-2025-25183","location":"requirements.txt"},{"id":"GHSA-rxc4-3w6r-4v47","severity":"high","title":"vllm API endpoints vulnerable to Denial of Service Attacks","package":"vllm@0.6.3","cve":"CVE-2025-48956","location":"requirements.txt"},{"id":"GHSA-wr9h-g72x-mwhm","severity":"high","title":"vLLM is vulnerable to timing attack at bearer auth","package":"vllm@0.6.3","cve":"CVE-2025-59425","location":"requirements.txt"},{"id":"GHSA-x368-4g9h-fvv4","severity":"low","title":"vLLM makes Use of Uninitialized Resource","package":"vllm@0.6.3","cve":"CVE-2026-7141","location":"requirements.txt"},{"id":"PYSEC-2025-223","severity":"low","title":"PYSEC-2025-223","package":"vllm@0.6.3","cve":"CVE-2025-29770","location":"requirements.txt"},{"id":"PYSEC-2025-42","severity":"low","title":"PYSEC-2025-42","package":"vllm@0.6.3","cve":"CVE-2025-32444","location":"requirements.txt"},{"id":"PYSEC-2025-43","severity":"low","title":"PYSEC-2025-43","package":"vllm@0.6.3","cve":"CVE-2025-46722","location":"requirements.txt"},{"id":"PYSEC-2025-50","severity":"low","title":"PYSEC-2025-50","package":"vllm@0.6.3","cve":"CVE-2025-48887","location":"requirements.txt"},{"id":"PYSEC-2025-53","severity":"low","title":"PYSEC-2025-53","package":"vllm@0.6.3","cve":"CVE-2025-46570","location":"requirements.txt"},{"id":"PYSEC-2025-58","severity":"low","title":"PYSEC-2025-58","package":"vllm@0.6.3","cve":"CVE-2025-24357","location":"requirements.txt"},{"id":"PYSEC-2025-62","severity":"low","title":"PYSEC-2025-62","package":"vllm@0.6.3","cve":"CVE-2025-25183","location":"requirements.txt"},{"id":"PYSEC-2026-2011","severity":"low","title":"vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class","package":"vllm@0.6.3","cve":"CVE-2025-6242","location":"requirements.txt"},{"id":"PYSEC-2026-2012","severity":"low","title":"vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`","package":"vllm@0.6.3","cve":"CVE-2025-62426","location":"requirements.txt"},{"id":"PYSEC-2026-2013","severity":"low","title":"vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server","package":"vllm@0.6.3","cve":"CVE-2025-61620","location":"requirements.txt"},{"id":"PYSEC-2026-2015","severity":"low","title":"vLLM vulnerable to remote code execution via transformers_utils/get_config","package":"vllm@0.6.3","cve":"CVE-2025-66448","location":"requirements.txt"},{"id":"PYSEC-2026-2016","severity":"low","title":"Data exposure via ZeroMQ on multi-node vLLM deployment","package":"vllm@0.6.3","cve":"CVE-2025-30202","location":"requirements.txt"},{"id":"PYSEC-2026-2017","severity":"low","title":"Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration","package":"vllm@0.6.3","cve":"CVE-2025-30165","location":"requirements.txt"},{"id":"PYSEC-2026-2019","severity":"low","title":"vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs","package":"vllm@0.6.3","cve":"CVE-2025-62372","location":"requirements.txt"},{"id":"PYSEC-2026-2020","severity":"low","title":"vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector","package":"vllm@0.6.3","cve":"CVE-2026-24779","location":"requirements.txt"},{"id":"PYSEC-2026-2021","severity":"low","title":"vllm API endpoints vulnerable to Denial of Service Attacks","package":"vllm@0.6.3","cve":"CVE-2025-48956","location":"requirements.txt"},{"id":"PYSEC-2026-2026","severity":"low","title":"vLLM is vulnerable to timing attack at bearer auth","package":"vllm@0.6.3","cve":"CVE-2025-59425","location":"requirements.txt"},{"id":"PYSEC-2026-226","severity":"low","title":"PYSEC-2026-226","package":"vllm@0.6.3","cve":"CVE-2026-48746","location":"requirements.txt"},{"id":"PYSEC-2026-227","severity":"low","title":"PYSEC-2026-227","package":"vllm@0.6.3","cve":"CVE-2026-54232","location":"requirements.txt"},{"id":"PYSEC-2026-568","severity":"low","title":"vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object","package":"vllm@0.6.3","cve":"CVE-2024-9052","location":"requirements.txt"}],"methodology":"github_public_v1"}}