PT-2026-51172 · Vllm · Vllm

Russellb · Published 2026-06-20 · Updated 2026-06-20 · CVE-2026-56340

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.10.2 through 0.12.x

Description: Multimodal embeddings processing lacks sparse tensor validation. Since PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests containing malformed tensor indices, such as negative or out-of-bounds values, when the prompt-embeds feature is enabled. This can lead to crashes, resource exhaustion resulting in denial of service, or potential out-of-bounds/write-what-where memory corruption.

Recommendations: Update to version 0.13.0 or later. As a temporary workaround, disable the prompt-embeds feature to minimize the risk of exploitation.
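The index checks the description says are missing can be sketched as follows. This is an added example, not vLLM or PyTorch code: it is a dependency-free stand-in that validates COO components held in plain lists, all function and variable names are hypothetical, and it assumes a fully sparse tensor with one index row per dimension.

```python
class SparseInvariantError(ValueError):
    """Raised when a COO payload violates a structural invariant."""


def _is_int(x):
    # bool is a subclass of int in Python; reject it explicitly.
    return isinstance(x, int) and not isinstance(x, bool)


def validate_coo(indices, values, size):
    """Validate untrusted COO components before a tensor is built from them.

    indices: one row per dimension, each with one coordinate per stored element.
    values:  one entry per stored element.
    size:    dense shape, one non-negative extent per dimension.
    Returns the number of stored elements on success.
    """
    if not size or any(not _is_int(d) or d < 0 for d in size):
        raise SparseInvariantError("size must be non-empty, non-negative ints")
    if len(indices) != len(size):
        raise SparseInvariantError("need exactly one index row per dimension")
    nnz = len(values)
    for dim, (row, extent) in enumerate(zip(indices, size)):
        if len(row) != nnz:
            raise SparseInvariantError(f"dim {dim}: {len(row)} indices, {nnz} values")
        for pos, idx in enumerate(row):
            if not _is_int(idx):
                raise SparseInvariantError(f"dim {dim}, element {pos}: not an int")
            # The two malformed cases named in the description.
            if idx < 0 or idx >= extent:
                raise SparseInvariantError(
                    f"dim {dim}, element {pos}: {idx} outside [0, {extent})")
    return nnz


def is_valid_coo(indices, values, size):
    """Boolean wrapper for use in a request-rejection path."""
    try:
        validate_coo(indices, values, size)
        return True
    except SparseInvariantError:
        return False


# Constructed sample payloads for a 2x3 tensor (indices, values, size).
GOOD = ([[0, 1], [2, 0]], [1.5, -2.0], [2, 3])
NEGATIVE = ([[0, -1], [2, 0]], [1.5, -2.0], [2, 3])
OUT_OF_BOUNDS = ([[0, 1], [2, 3]], [1.5, -2.0], [2, 3])
RAGGED = ([[0, 1], [2]], [1.5, -2.0], [2, 3])
```

In PyTorch itself the equivalent checks are opt-in, for example through `torch.sparse.check_sparse_tensor_invariants`.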

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2026-56340

Affected Products

Vllm