vLLM hardcodes trust_remote_code=True, enabling remote code execution even when remote code trust is disabled
CVE-2026-27893
Summary
vLLM versions from 0.10.1 up to, but not including, 0.18.0 contain two model implementation files that hardcode `trust_remote_code=True` when loading model sub-components. Because the flag is hardcoded, the operator's explicit `--trust-remote-code=False` opt-out never reaches those code paths, and a malicious model repository can execute code on the serving host even though remote code trust was disabled. Update to v0.18.0 or later to fix the issue; until then, treat any model repository loaded by an affected version as fully trusted code, since the opt-out does not protect these paths.
Original description
vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.1 and prior to version 0.18.0, two model implementation files hardcode `trust_remote_code=True` when loading sub-components, bypassing the user's explicit `--trust-remote-code=False` security opt-out. This enables remote code execution via malicious model repositories even when the user has explicitly disabled remote code trust. Version 0.18.0 patches the issue.
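The two checks a practitioner would want here are a version test against the advisory's affected range and a source audit for the pattern the description names: a call that passes the literal keyword `trust_remote_code=True` instead of threading the user's setting through. The following is an added example, not vLLM's code and not part of this advisory. The two embedded snippets are constructed illustrations of the vulnerable and hardened shapes; the use of `AutoConfig.from_pretrained` (the Hugging Face transformers loader) to stand in for "loading sub-components", the function names, and the `model_config.trust_remote_code` attribute are assumptions made for the illustration.

```python
"""Audit helpers for the hardcoded trust_remote_code pattern (CVE-2026-27893).

Added example, not vLLM's own code. Two checks:
  1. is_affected(): is a vLLM release inside the advisory's range
     (>= 0.10.1 and < 0.18.0)?
  2. find_hardcoded_trust(): scan Python source for calls that pass the
     literal keyword trust_remote_code=True, the pattern the advisory describes.
"""
import ast
import re
from pathlib import Path
from typing import List, Tuple

AFFECTED_MIN = (0, 10, 1)   # first affected release per the advisory
FIXED = (0, 18, 0)          # first fixed release per the advisory


def parse_version(v: str) -> Tuple[int, ...]:
    """Return the leading dotted-numeric part of a version string as a tuple.

    Assumption: pre-release and local suffixes (e.g. 'rc1', '+cu121') are
    ignored, so an rc build of 0.18.0 is treated as 0.18.0 here.
    """
    m = re.match(r"(\d+(?:\.\d+)*)", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))   # pad to at least 3 components


def is_affected(v: str) -> bool:
    """True when the release falls in [0.10.1, 0.18.0)."""
    return AFFECTED_MIN <= parse_version(v) < FIXED


def _is_true_literal(node: ast.AST) -> bool:
    return isinstance(node, ast.Constant) and node.value is True


def find_hardcoded_trust(source: str, filename: str = "<string>") -> List[Tuple[int, str]]:
    """Return (line, callee) for every call passing trust_remote_code=True as a literal.

    A value that is a name or attribute (the user's config flag) is not flagged:
    threading the operator's choice through is exactly the fix.
    """
    tree = ast.parse(source, filename=filename)
    hits: List[Tuple[int, str]] = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            if kw.arg == "trust_remote_code" and _is_true_literal(kw.value):
                hits.append((node.lineno, ast.unparse(node.func)))
    return hits


def scan_tree(root: str) -> List[Tuple[str, int, str]]:
    """Walk a source tree (e.g. an installed vllm package) and collect hits."""
    results = []
    for path in Path(root).rglob("*.py"):
        try:
            src = path.read_text(encoding="utf-8")
        except (OSError, UnicodeDecodeError):
            continue
        for line, callee in find_hardcoded_trust(src, str(path)):
            results.append((str(path), line, callee))
    return results


# Constructed sample: the vulnerable shape the advisory describes.
VULNERABLE_SNIPPET = '''\
from transformers import AutoConfig

def load_subconfig(path):
    # Flag is hardcoded, so --trust-remote-code=False never reaches this call.
    # (Constructed illustration, not vLLM source.)
    return AutoConfig.from_pretrained(path, trust_remote_code=True)
'''

# Constructed sample: the hardened shape, where the operator's choice is honored.
HARDENED_SNIPPET = '''\
from transformers import AutoConfig

def load_subconfig(path, model_config):
    # The value comes from configuration; the opt-out now applies here too.
    return AutoConfig.from_pretrained(
        path, trust_remote_code=model_config.trust_remote_code)
'''

if __name__ == "__main__":
    for ver in ("0.10.0", "0.10.1", "0.17.0", "0.18.0"):
        print(ver, "affected" if is_affected(ver) else "not affected")
    print("vulnerable snippet:", find_hardcoded_trust(VULNERABLE_SNIPPET))
    print("hardened snippet:  ", find_hardcoded_trust(HARDENED_SNIPPET))
```

To audit a deployment, point `scan_tree()` at the installed package directory (for example the path printed by `python -c "import vllm, os; print(os.path.dirname(vllm.__file__))"`). A hit does not by itself prove the call is reachable from an untrusted repository, but every literal `trust_remote_code=True` is a place where the operator's opt-out is not consulted and deserves review.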
NVD CVSS 3.1 base score: 8.8
Vulnerability type: CWE-693 (Protection Mechanism Failure)
Published: 27 Mar 2026 · Updated: 27 Mar 2026 · First seen: 27 Mar 2026