What happened
CVE-2025-71379 (CVSS 4.3 Medium) was published to NVD on 2026-06-20. Multiple regex patterns in vLLM versions 0.6.3 through 0.8.x are susceptible to catastrophic backtracking (ReDoS). The affected patterns are in vllm/lora/utils.py (LoRA adapter name validation), the phi4mini tool parser, and the OpenAI-compatible serving chat endpoint. An attacker who can send requests to any of these endpoints can craft an input string that causes the regex engine to consume excessive CPU time.
Why it matters
While the CVSS score is moderate, vLLM's widespread deployment in production AI inference means a ReDoS against the OpenAI-compatible chat endpoint (the primary external interface) could deny service to an entire GPU inference cluster with minimal attacker resources. In pay-per-use or SLA-bound deployments, even brief availability degradation has significant operational and financial impact.
Attack vector
An attacker submits a crafted string to the OpenAI-compatible serving chat endpoint, the phi4mini tool parser, or a LoRA adapter name field. The input triggers catastrophic backtracking in the vulnerable regex patterns in vllm/lora/utils.py, the phi4mini tool parser, or the chat endpoint handler, consuming CPU for an extended period and degrading or denying service to the inference server.
Affected systems
vLLM >= 0.6.3 and < 0.9.0
Mitigation
Upgrade vLLM to version 0.9.0 or later. Advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-j828-28rj-hfhp
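Two checks a defender would want alongside the upgrade, as an added example that is not vLLM's code or the advisory's: a version test against the affected range stated above (>= 0.6.3 and < 0.9.0), and a hypothetical adapter-name validator showing the shape of a regex that cannot backtrack catastrophically (single character class, one quantifier, length bounded before matching). The name rule and the 128-character cap are constructed for illustration and are not vLLM's actual pattern.

```python
import re

# Range taken from the advisory text: first affected and first fixed releases.
AFFECTED_MIN = (0, 6, 3)
FIXED = (0, 9, 0)


def parse_version(v: str) -> tuple:
    """Extract (major, minor, patch) from a vLLM version string.

    Pre-/post-release suffixes such as '0.8.5.post1' or '0.9.0rc1' are
    ignored; the result is the base release they belong to.
    """
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", v)
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version: str) -> bool:
    """True when the installed vLLM falls inside >= 0.6.3 and < 0.9.0."""
    return AFFECTED_MIN <= parse_version(version) < FIXED


# Constructed bound for illustration; choose one that fits real adapter names.
MAX_NAME_LEN = 128

# Hypothetical adapter-name rule (not vLLM's): one leading alphanumeric, then
# a single character class with a single '*'. No nested or overlapping
# quantifiers, so the engine does linear work in the length of the input.
SAFE_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


def is_valid_adapter_name(name: str) -> bool:
    """Reject oversized input before the regex runs, then fullmatch.

    Capping length first means even a pathological pattern would have a
    bounded worst case; fullmatch avoids the classic '$'-anchored retry.
    """
    if len(name) > MAX_NAME_LEN:
        return False
    return SAFE_NAME_RE.fullmatch(name) is not None


if __name__ == "__main__":
    for v in ("0.6.2", "0.6.3", "0.8.5.post1", "0.9.0"):
        print(v, "affected" if is_affected(v) else "not affected")
    for n in ("my-lora_v2", "bad name", "a" * 200):
        print(repr(n[:20]), is_valid_adapter_name(n))
```

Run it against the version reported by `pip show vllm` on each inference host to confirm whether the upgrade has landed.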