vLLM · vLLM · CVE-2026-44222
**Name of the Vulnerable Software and Affected Versions**
vLLM versions 0.6.1 through 0.19.x
**Description**
A token-injection issue exists in the multimodal input processing of vLLM. A text-only prompt (no image or video attached) that contains the model's special multimodal placeholder tokens is treated as if media were present: the placeholder sequences act as control commands. When image or video placeholder sequences arrive without corresponding image or video data, input-position computation indexes into an empty grid and raises an unhandled `IndexError` in `get_input_positions_tensor()` and `_vl_get_input_positions_tensor()`. The exception can terminate the worker or otherwise degrade availability, so an unauthenticated remote client can cause a Denial of Service. The affected code is the multimodal path that relies on the `image_grid_thw` and `video_grid_thw` values.
**Recommendations**
Update to version 0.20.0.
As a temporary workaround, restrict or guard the use of `_vl_get_input_positions_tensor()` (for example, reject any prompt whose placeholder count does not match the attached media before the call is made), or sanitize user input so that multimodal placeholder tokens cannot be injected into text-only prompts.
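The following is an added illustration, not code from vLLM or from the advisory, of the failure pattern described above and of the pre-call check the workaround asks for. It uses a simplified three-axis position computation over constructed token ids (`IMAGE_START`, `IMAGE_PAD`, `VIDEO_START`, a hypothetical `SPATIAL_MERGE` factor of 2); the real model vocabularies, grid semantics and function signatures differ, and the names `_positions_unchecked`, `get_input_positions` and `InvalidMultimodalInput` are this example's own. The unchecked function reproduces the bug class (index the next grid entry on every placeholder, so an empty grid list raises `IndexError`); the hardened entry point validates placeholder counts and pad-run lengths against the supplied grids first and converts any residual `IndexError` into a request-level error instead of letting it escape to the worker.

```python
"""Constructed example: placeholder/grid mismatch in multimodal position computation.

Not vLLM code. Token ids, the merge factor and the position rule are assumptions
chosen so the example runs offline.
"""
from typing import List, Sequence, Tuple

# Constructed token ids (real models define their own values).
IMAGE_START, IMAGE_PAD, IMAGE_END = 1001, 1002, 1003
VIDEO_START, VIDEO_PAD, VIDEO_END = 1011, 1012, 1013
SPATIAL_MERGE = 2  # hypothetical patch-merge factor: one pad token per 2x2 patches

Grid = Tuple[int, int, int]      # (t, h, w) patch grid for one image or video
Position = Tuple[int, int, int]  # (temporal, height, width) rotary position


class InvalidMultimodalInput(ValueError):
    """Request-level error: prompt placeholders do not match the attached media."""


def _positions_unchecked(tokens: Sequence[int],
                         image_grid_thw: Sequence[Grid],
                         video_grid_thw: Sequence[Grid]) -> List[Position]:
    """Vulnerable pattern: trusts that a grid entry exists for every START token.

    A text-only prompt carrying IMAGE_START/VIDEO_START with empty grid lists
    hits the grid lookup and raises IndexError, which the caller does not handle.
    """
    positions: List[Position] = []
    cur = 0                      # next free position on all three axes
    image_index = video_index = 0
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok in (IMAGE_START, VIDEO_START):
            if tok == IMAGE_START:
                t, h, w = image_grid_thw[image_index]  # IndexError when no image data
                image_index += 1
            else:
                t, h, w = video_grid_thw[video_index]  # IndexError when no video data
                video_index += 1
            positions.append((cur, cur, cur))          # the START token itself
            cur += 1
            i += 1
            hm, wm = h // SPATIAL_MERGE, w // SPATIAL_MERGE
            # Each pad token gets a (t, h, w) position inside the media block.
            for ti in range(t):
                for hi in range(hm):
                    for wi in range(wm):
                        positions.append((cur + ti, cur + hi, cur + wi))
            i += t * hm * wm                           # skip the pad run
            cur += max(t, hm, wm)                      # text resumes after the block
        else:
            positions.append((cur, cur, cur))          # ordinary text token
            cur += 1
            i += 1
    return positions


def _expected_pads(grids: Sequence[Grid]) -> int:
    """Number of pad tokens the given grids imply after spatial merging."""
    return sum(t * (h // SPATIAL_MERGE) * (w // SPATIAL_MERGE) for t, h, w in grids)


def get_input_positions(tokens: Sequence[int],
                        image_grid_thw: Sequence[Grid],
                        video_grid_thw: Sequence[Grid]) -> List[Position]:
    """Hardened entry point: validate before indexing; never let IndexError escape."""
    tokens = list(tokens)
    n_img, n_vid = tokens.count(IMAGE_START), tokens.count(VIDEO_START)
    if n_img != len(image_grid_thw) or n_vid != len(video_grid_thw):
        raise InvalidMultimodalInput(
            f"prompt has {n_img} image and {n_vid} video placeholders but "
            f"{len(image_grid_thw)} image and {len(video_grid_thw)} video grids")
    if tokens.count(IMAGE_PAD) != _expected_pads(image_grid_thw):
        raise InvalidMultimodalInput("image pad run does not match image grid size")
    if tokens.count(VIDEO_PAD) != _expected_pads(video_grid_thw):
        raise InvalidMultimodalInput("video pad run does not match video grid size")
    try:
        positions = _positions_unchecked(tokens, image_grid_thw, video_grid_thw)
    except IndexError as exc:
        # Defence in depth: a residual bug must surface as a 4xx, not a dead worker.
        raise InvalidMultimodalInput("placeholder/grid mismatch") from exc
    if len(positions) != len(tokens):
        raise InvalidMultimodalInput("placeholder layout does not match grids")
    return positions
```

In a serving stack the `InvalidMultimodalInput` exception is the thing the request handler maps to a client error; the point of the pre-checks is that a prompt crafted to contain placeholders without media is rejected before any grid is indexed, and a bug that slips past them still cannot take the worker down.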