vLLM – Authentication Bypass via Host Header Manipulation (CVE-2026-48746) | Uganda National Computer Emergency Response Team-National Cert

Scope: vLLM AI Inference Deployments, All Vulnerable Versions

Severity: High

An authentication bypass vulnerability in vLLM allows remote, unauthenticated attackers with network access to bypass security controls and interact with restricted inference APIs by transmitting manipulated Host headers. Exploitation requires no user interaction and gives attackers direct access to protected AI model endpoints, allowing them to extract sensitive prompts, capture model responses, and generate heavy inference workloads at the organization's expense. Given the high exploitation probability reflected by an EPSS score of 22.93% and the release of public technical details, exposed vLLM instances face imminent risk. Organizations must immediately apply the latest vLLM security patches, restrict network access to vLLM inference endpoints using robust firewalls or VPNs, implement strict reverse-proxy configurations that validate and reject malformed Host headers, and continuously monitor API usage logs for abnormal resource consumption.

The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the vLLM CVE-2026-48746 Record and apply the necessary updates.

vLLM – Authentication Bypass via Host Header Manipulation (CVE-2026-48746)

n8n – Credential Vault Exfiltration via Endpoint Abuse (CVE-2026-56348)

Recent Advisories

Categories

Contact info

Useful Links

Subscribe to our Mailing List

vLLM – Authentication Bypass via Host Header Manipulation (CVE-2026-48746)

RELATED ADVISORIES

n8n – Credential Vault Exfiltration via Endpoint Abuse (CVE-2026-56348)

Recent Advisories

Categories