Threat Advisory

vLLM Vulnerability Enables Hardcoded Remote Code Execution

Threat: Vulnerability
Threat Actor Name: -
Threat Actor Type: -
Targeted Region: Global
Alias: -
Threat Actor Region: -
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

CVE-2026-27893 (CVSS score 8.8) enables remote code execution despite an explicit user opt-out: affected model implementation files hardcode trust_remote_code=True, so an attacker can craft a malicious model repository that executes arbitrary Python code, undermining the security guarantee provided by the trust_remote_code=False setting. The business risk and impact of this vulnerability are significant, as it enables attackers to execute arbitrary code, potentially leading to data breaches, data tampering, and system compromise. It is essential to take immediate action to address this vulnerability and prevent potential attacks.

RECOMMENDATION:

We recommend updating vLLM to version 0.18.0.
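To make the two points above concrete, the following Python audit script is an added example that is not part of this advisory or of the vLLM project. It covers both the mechanism described in the executive summary and the recommendation: it parses Python source with the standard ast module and flags every call that passes a literal trust_remote_code=True (the pattern that silently overrides a caller's trust_remote_code=False), and it compares an installed vLLM version string against the 0.18.0 fix version. The sample source it scans is constructed for illustration; the names find_hardcoded_trust, scan_directory, parse_version and is_patched are assumptions of this example, and the script does not know which vLLM files were affected, so point scan_directory at the whole model-implementation tree of the deployment being audited.

```python
import ast
import re
from pathlib import Path
from typing import List, Tuple

# Constructed sample of a model implementation file (hypothetical, not vLLM's
# code). The first call forwards the caller's setting; the second hardcodes
# trust_remote_code=True, which is the pattern the advisory describes.
SAMPLE_SOURCE = '''
from transformers import AutoConfig, AutoModel

def load_config(path, trust_remote_code):
    return AutoConfig.from_pretrained(path, trust_remote_code=trust_remote_code)

def load_model(path):
    return AutoModel.from_pretrained(path, trust_remote_code=True)
'''

FIXED_VERSION = "0.18.0"  # release named in the recommendation


def find_hardcoded_trust(source: str, filename: str = "<string>") -> List[Tuple[int, str]]:
    """Return (line, callee) for every call that passes the literal True as
    trust_remote_code. A literal cannot be switched off by the user's
    trust_remote_code=False setting, so each hit is an opt-out bypass."""
    tree = ast.parse(source, filename=filename)
    findings: List[Tuple[int, str]] = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            if (
                kw.arg == "trust_remote_code"
                and isinstance(kw.value, ast.Constant)
                and kw.value.value is True
            ):
                findings.append((node.lineno, ast.unparse(node.func)))
    return findings


def scan_directory(root: Path) -> List[Tuple[str, int, str]]:
    """Walk a source tree and collect (file, line, callee) hits. Files that
    fail to parse are skipped so one bad file does not abort the audit."""
    hits: List[Tuple[str, int, str]] = []
    for py in sorted(root.rglob("*.py")):
        try:
            text = py.read_text(encoding="utf-8")
            for line, callee in find_hardcoded_trust(text, str(py)):
                hits.append((str(py), line, callee))
        except (SyntaxError, ValueError, UnicodeDecodeError):
            continue
    return hits


def parse_version(version: str) -> Tuple[int, int, int]:
    """Extract major.minor.patch. Pre-release suffixes such as rc1 are
    ignored, so a pre-release of 0.18.0 should be reviewed by hand."""
    match = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not match:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(x) for x in match.groups())
    return (major, minor, patch)


def is_patched(installed: str) -> bool:
    """True when the installed vLLM version is at or above the fixed release."""
    return parse_version(installed) >= parse_version(FIXED_VERSION)


if __name__ == "__main__":
    import importlib.metadata as metadata

    # Demonstrate the source check on the constructed sample.
    for line, callee in find_hardcoded_trust(SAMPLE_SOURCE, "sample.py"):
        print(f"sample.py:{line}: {callee}() hardcodes trust_remote_code=True")

    # Demonstrate the version check against whatever is installed here.
    try:
        installed = metadata.version("vllm")
        state = "patched" if is_patched(installed) else f"VULNERABLE, upgrade to {FIXED_VERSION}"
        print(f"vllm {installed}: {state}")
    except metadata.PackageNotFoundError:
        print("vllm is not installed in this environment")
```

The AST walk only reports a literal True, not a variable that happens to hold True, so a hit is always a hardcoded value and never a pass-through of the caller's choice; version strings without a numeric major.minor.patch prefix raise rather than being silently treated as safe.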

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-7972-pg2x-xr59
