CVE-2026-54235
Received Received - Intake
Float Handling Flaw in vLLM Leads to GPU Sampling Errors

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: GitHub, Inc.

Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators (<, >), which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce undefined behavior or CUDA errors that can crash the inference worker. This vulnerability is fixed in 0.23.1rc0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-22
Last Modified
2026-06-22
Generated
2026-06-23
AI Q&A
2026-06-23
EPSS Evaluated
N/A
NVD
CVE-2026-54235
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1287 The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in vLLM, an inference and serving engine for large language models (LLMs), in versions prior to 0.23.1rc0. The issue arises because the temperature validation gates use comparison operators (<, >) that silently evaluate to False for special floating-point values like NaN (Not a Number) and positive Infinity according to Python's IEEE 754 float semantics.

As a result, these special values bypass the validation checks and propagate to GPU sampling kernels. This leads to undefined behavior or CUDA errors that can crash the inference worker.

The vulnerability is fixed in version 0.23.1rc0.

Impact Analysis

The impact of this vulnerability is that it can cause the inference worker in vLLM to crash due to undefined behavior or CUDA errors when processing NaN or positive Infinity temperature values.

This can lead to denial of service conditions where the large language model inference engine becomes unavailable or unstable.

Mitigation Strategies

To mitigate this vulnerability, upgrade vLLM to version 0.23.1rc0 or later, where the temperature validation gates have been fixed to properly handle NaN and positive Infinity values, preventing undefined behavior and CUDA errors.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-54235. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart