CVE-2026-4944

Severity: NONE · EPSS: 50.2%
Published May 28, 2026 · Modified Jun 17, 2026

Description

vllm-project/vllm version 0.14.1 contains a vulnerability where `trust_remote_code=True` is hard-coded in two model implementation files (`vllm/model_executor/models/nemotron_vl.py` and `vllm/model_executor/models/kimi_k25.py`). Because the literal value is passed directly to the HuggingFace loader, it overrides the operator's explicit `--trust-remote-code=False` setting, so a malicious HuggingFace model repository can achieve remote code execution when one of these models is loaded. The issue stems from incomplete fixes for CVE-2025-66448 and CVE-2026-22807: those fixes did not cover these separate code paths in the model implementation files. Deployments that load NemotronVL or KimiK25 models are directly affected.
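As an added check, not code from the vLLM project or from the advisory: a small Python audit script that parses source files with the standard-library `ast` module and reports every call site where `trust_remote_code` is passed as the literal `True`, which is exactly the pattern the description above identifies. It also shows an operator-side guard: a HuggingFace `config.json` that asks transformers to import repository-local Python does so through its `auto_map` entry, so a deployment that set `--trust-remote-code=False` can refuse such a repository before any model file is loaded, regardless of what a model implementation hard-codes. The two sample source strings and the two sample config dictionaries are constructed for illustration and are not copied from vLLM; the checkout path in the usage comment is an assumption.

```python
"""Audit helper added as an example; not vLLM's own code.

1. find_hardcoded_trust_remote_code(): AST scan for `trust_remote_code=True`
   keyword arguments, the pattern CVE-2026-4944 describes.
2. repo_declares_custom_code(): operator-side guard that inspects a HF
   config.json dict for an `auto_map` entry, which is how a repository
   points transformers at custom Python modules.
Sample sources and configs below are constructed for illustration.
"""
import ast
import json
from pathlib import Path
from typing import Dict, List, Tuple

# Constructed sample of the vulnerable pattern: the keyword is a literal,
# so the operator's --trust-remote-code setting can never reach the loader.
VULNERABLE_SRC = '''
from transformers import AutoConfig

def load_config(model_path):
    return AutoConfig.from_pretrained(model_path, trust_remote_code=True)
'''

# Constructed sample of the hardened pattern: the value is threaded from
# operator-controlled configuration, so an explicit False is honoured.
HARDENED_SRC = '''
from transformers import AutoConfig

def load_config(model_path, model_config):
    return AutoConfig.from_pretrained(
        model_path, trust_remote_code=model_config.trust_remote_code)
'''

# Constructed sample config.json contents. The first declares custom code
# (auto_map); the second is an ordinary architecture with no custom modules.
CUSTOM_CODE_CONFIG: Dict = {
    "model_type": "example-vl",
    "auto_map": {"AutoConfig": "configuration_example.ExampleConfig",
                 "AutoModel": "modeling_example.ExampleModel"},
}
PLAIN_CONFIG: Dict = {"model_type": "llama", "architectures": ["LlamaForCausalLM"]}

Finding = Tuple[str, int, str]  # (file, line number, called function)


def find_hardcoded_trust_remote_code(source: str, name: str = "<string>") -> List[Finding]:
    """Return every call site whose trust_remote_code keyword is the literal True."""
    findings: List[Finding] = []
    for node in ast.walk(ast.parse(source, filename=name)):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            # `is True` rather than `== True`: the integer constant 1 must not match.
            if (kw.arg == "trust_remote_code"
                    and isinstance(kw.value, ast.Constant)
                    and kw.value.value is True):
                findings.append((name, node.lineno, ast.unparse(node.func)))
    return findings


def scan_tree(root: Path) -> List[Finding]:
    """Scan every .py file under root; unreadable or unparsable files are skipped."""
    findings: List[Finding] = []
    for path in sorted(root.rglob("*.py")):
        try:
            findings.extend(find_hardcoded_trust_remote_code(
                path.read_text(encoding="utf-8"), str(path)))
        except (OSError, UnicodeDecodeError, SyntaxError):
            continue
    return findings


def repo_declares_custom_code(config: Dict) -> bool:
    """True when a HF config.json asks transformers to import repo-local Python."""
    auto_map = config.get("auto_map")
    return isinstance(auto_map, dict) and len(auto_map) > 0


def load_config_json(path: Path) -> Dict:
    """Read a downloaded repository's config.json for repo_declares_custom_code()."""
    with path.open(encoding="utf-8") as fh:
        return json.load(fh)


if __name__ == "__main__":
    import sys
    # Assumed usage: python audit.py /path/to/vllm/vllm/model_executor/models
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else None
    hits = scan_tree(root) if root else find_hardcoded_trust_remote_code(VULNERABLE_SRC, "sample.py")
    for file, line, func in hits:
        print(f"{file}:{line}: {func}(..., trust_remote_code=True)")
    print("custom code declared:", repo_declares_custom_code(CUSTOM_CODE_CONFIG))
```

The AST scan only matches a literal `True`; a value computed elsewhere (a module constant, a default argument) is not reported, so treat a clean scan as a necessary rather than sufficient check and still upgrade to a fixed release once one is published. The `auto_map` guard is a pre-flight refusal an operator can enforce on downloaded repositories independently of the serving code; it does not make hard-coded `trust_remote_code=True` safe, it only keeps repositories that declare custom code from reaching it.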

Threat Intelligence

EPSS exploit probability: 50.2% (percentile)
Exploit status: No known exploit
Patch status: No patch available

Weaknesses (1)

CWE-22: Path Traversal (category: Resource Mgmt), as recorded on the source page. Note that the behaviour described above, executing repository-supplied code despite the operator opting out, is closer to CWE-94 (Code Injection) or CWE-829 (Inclusion of Functionality from Untrusted Control Sphere) than to path traversal; check the NVD entry for the authoritative mapping.

References (1)

  • huntr.com https://huntr.com/bounties/97f706f7-a852-49b2-a4eb-76811e611daf

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.