{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "cpe": "cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*",
            "extracted_events": [
              {
                "introduced": "0.10.2"
              },
              {
                "fixed": "0.13.0"
              }
            ],
            "source": [
              "AFFECTED_FIELD",
              "CPE_RANGE"
            ]
          },
          "events": [
            {
              "introduced": "01efc7ef781391e744ed08c3292817a773d654e6"
            },
            {
              "fixed": "72506c98349d6bcd32b4e33eec7b5513453c1502"
            }
          ],
          "repo": "https://github.com/vllm-project/vllm",
          "type": "GIT"
        }
      ]
    }
  ],
  "aliases": [
    "GHSA-mcmc-2m55-j8jj"
  ],
  "database_specific": {
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
      "CWE-20"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/56xxx/CVE-2026-56340.json"
  },
  "details": "vLLM versions \u003e= 0.10.2 and \u003c 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed (negative or out-of-bounds) tensor indices, when the prompt-embeds feature is enabled, to trigger crashes or resource exhaustion (denial of service), with potential for out-of-bounds/write-what-where memory corruption. This continues CVE-2025-62164, whose prior fix only disabled the feature by default rather than addressing the root cause.",
  "id": "CVE-2026-56340",
  "modified": "2026-07-08T05:38:31.154475636Z",
  "published": "2026-06-20T18:27:10.148Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-56340.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/security/cve/CVE-2026-56340"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/56xxx/CVE-2026-56340.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mcmc-2m55-j8jj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56340"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.vulncheck.com/advisories/vllm-denial-of-service-via-unvalidated-multimodal-embeddings"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2491060"
    }
  ],
  "schema_version": "1.7.5",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "vLLM - Denial of Service via Unvalidated Multimodal Embeddings"
}