Trust and health report
GitChameleon - trust report
Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.
GraphCanon updated today · GitHub synced today
Maintenance
Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.
last push 358d ago
Provenance
Repository identity and fork provenance (github_public_v1).
- GitHub repo id: 871284013
- Not a fork
- Personal account
- Computed today
Security scan
Dependency advisory security scan when a lockfile is present. Not a full code audit.
- Status
- 3 critical, 10 high, 12 medium, 23 low
- Last scan
- today
- Scanner
- osv@v1
Findings
vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class
vllm@0.6.3 · CVE-2025-6242 · requirements.txt
vLLM: Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server
vllm@0.6.3 · CVE-2026-34756 · requirements.txt
vLLM's Artifact Pin Decay allows pinned deployments to load unpinned code, weights, and processors
vllm@0.6.3 · CVE-2026-47155 · requirements.txt
Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching
vllm@0.6.3 · CVE-2025-46570 · requirements.txt
vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving
vllm@0.6.3 · CVE-2026-53923 · requirements.txt
vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`
vllm@0.6.3 · CVE-2025-62426 · requirements.txt
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
vllm@0.6.3 · CVE-2025-61620 · requirements.txt
vLLM: OOM Denial of Service via Audio Decompression Bomb
vllm@0.6.3 · CVE-2026-54233 · requirements.txt
vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels
vllm@0.6.3 · CVE-2026-54235 · requirements.txt
vLLM vulnerable to remote code execution via transformers_utils/get_config
vllm@0.6.3 · CVE-2025-66448 · requirements.txt
vLLM: OpenAI auth bypass
vllm@0.6.3 · CVE-2026-48746 · requirements.txt
vllm has Improper Resource Shutdown or Release
vllm@0.6.3 · CVE-2026-9540 · requirements.txt
Data exposure via ZeroMQ on multi-node vLLM deployment
vllm@0.6.3 · CVE-2025-30202 · requirements.txt
Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
vllm@0.6.3 · CVE-2025-30165 · requirements.txt
CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0
vllm@0.6.3 · requirements.txt
vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router
vllm@0.6.3 · CVE-2026-54236 · requirements.txt
vLLM Vulnerable to Remote DoS via Special-Token Placeholders
vllm@0.6.3 · CVE-2026-44222 · requirements.txt
vLLM vulnerable to Regular Expression Denial of Service
vllm@0.6.3 · CVE-2025-71379 · requirements.txt
vLLM denial of service via outlines unbounded cache on disk
vllm@0.6.3 · CVE-2025-29770 · requirements.txt
vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object
vllm@0.6.3 · CVE-2024-9052 · requirements.txt
vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs
vllm@0.6.3 · CVE-2025-62372 · requirements.txt
vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution
vllm@0.6.3 · CVE-2026-41523 · requirements.txt
vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector
vllm@0.6.3 · CVE-2026-24779 · requirements.txt
vllm: Malicious model to RCE by torch.load in hf_model_weights_iterator
vllm@0.6.3 · CVE-2025-24357 · requirements.txt
vLLM uses Python 3.12 built-in hash() which leads to predictable hash collisions in prefix cache
vllm@0.6.3 · CVE-2025-25183 · requirements.txt
vllm API endpoints vulnerable to Denial of Service Attacks
vllm@0.6.3 · CVE-2025-48956 · requirements.txt
vLLM is vulnerable to timing attack at bearer auth
vllm@0.6.3 · CVE-2025-59425 · requirements.txt
vLLM makes Use of Uninitialized Resource
vllm@0.6.3 · CVE-2026-7141 · requirements.txt
PYSEC-2025-223
vllm@0.6.3 · CVE-2025-29770 · requirements.txt
PYSEC-2025-42
vllm@0.6.3 · CVE-2025-32444 · requirements.txt
PYSEC-2025-43
vllm@0.6.3 · CVE-2025-46722 · requirements.txt
PYSEC-2025-50
vllm@0.6.3 · CVE-2025-48887 · requirements.txt
PYSEC-2025-53
vllm@0.6.3 · CVE-2025-46570 · requirements.txt
PYSEC-2025-58
vllm@0.6.3 · CVE-2025-24357 · requirements.txt
PYSEC-2025-62
vllm@0.6.3 · CVE-2025-25183 · requirements.txt
vLLM is vulnerable to Server-Side Request Forgery (SSRF) through `MediaConnector` class
vllm@0.6.3 · CVE-2025-6242 · requirements.txt
vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs`
vllm@0.6.3 · CVE-2025-62426 · requirements.txt
vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
vllm@0.6.3 · CVE-2025-61620 · requirements.txt
vLLM vulnerable to remote code execution via transformers_utils/get_config
vllm@0.6.3 · CVE-2025-66448 · requirements.txt
Data exposure via ZeroMQ on multi-node vLLM deployment
vllm@0.6.3 · CVE-2025-30202 · requirements.txt
Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
vllm@0.6.3 · CVE-2025-30165 · requirements.txt
vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs
vllm@0.6.3 · CVE-2025-62372 · requirements.txt
vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector
vllm@0.6.3 · CVE-2026-24779 · requirements.txt
vllm API endpoints vulnerable to Denial of Service Attacks
vllm@0.6.3 · CVE-2025-48956 · requirements.txt
vLLM is vulnerable to timing attack at bearer auth
vllm@0.6.3 · CVE-2025-59425 · requirements.txt
PYSEC-2026-226
vllm@0.6.3 · CVE-2026-48746 · requirements.txt
PYSEC-2026-227
vllm@0.6.3 · CVE-2026-54232 · requirements.txt
vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object
vllm@0.6.3 · CVE-2024-9052 · requirements.txt
Method and caveats:these are sourced, dated heuristics from public GitHub data and optional dependency scans. A status like "no criticals found on 2026-07-11" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/nizarislah-gitchameleon/trust.
Common questions
- Is GitChameleon maintained?
- GraphCanon rates GitChameleon "Slowing" (36% maintenance signal from public GitHub metadata, computed today). Last push was 358 days ago. This is a recency heuristic, not a guarantee the project will stay maintained.
- Is GitChameleon safe to use?
- Last scanned today (deps profile). Status: 3 critical, 10 high, 12 medium, 23 low - 3 critical, 10 high, 12 medium, 23 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report. GraphCanon does not certify GitChameleon as safe - review maintenance, provenance, and scan findings on this page before adopting.
- Is GitChameleon a fork?
- No. GitChameleon is not flagged as a fork in GitHub metadata at the time of the last refresh.
- Does GitChameleon have known security vulnerabilities?
- Last scanned today (deps profile). Status: 3 critical, 10 high, 12 medium, 23 low - 3 critical, 10 high, 12 medium, 23 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report.
- How often is the GitChameleon trust report updated?
- Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed today (methodology github_public_v1).
- What does GraphCanon never claim about GitChameleon?
- We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for GitChameleon. Signals are sourced heuristics with explicit limits - see trust methodology.
- How does GraphCanon assess trust for GitChameleon?
- Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.