CVE-2025-46722 MEDIUM

CVE-2025-46722: vLLM has a Weakness in MultiModalHasher Image Hashing Implementation

Vendor Vllm-Project
Product vllm
Weakness CWE-1288
Published May 29, 2025
Last update May 29, 2025

CVSS base score

4.2/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

What the vulnerability does

01Description

vLLM is an inference and serving engine for large language models (LLMs). In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes(), which returns only the raw pixel data, without including metadata such as the image’s shape (width, height, mode). As a result, two images of different sizes (e.g., 30x100 and 100x30) with the same pixel byte sequence could generate the same hash value. This may lead to hash collisions, incorrect cache hits, and even data leakage or security risks. This issue has been patched in version 0.9.0.

Key dates

02Disclosure timeline

May 29, 2025 CVE published
May 29, 2025 Record updated