CVE-2025-48887: 
Chainguard vulnerability analysis and mitigation

CVE-2025-48887 is a Regular Expression Denial of Service (ReDoS) vulnerability discovered in vLLM (versions 0.6.4 to 0.9.0), an inference and serving engine for large language models. The vulnerability was disclosed on May 28, 2025, and affects the file vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py. The issue has been assigned a CVSS v3.1 score of 6.5 (Medium) (GitHub Advisory).

The vulnerability stems from a highly complex and nested regular expression pattern used for tool call detection: r"[([a-zA-Z]+\w*(([a-zA-Z]+\w*=.*,\s*)*([a-zA-Z]+\w*=.*\s)?),\s*)*([a-zA-Z]+\w*(([a-zA-Z]+\w*=.*,\s*)*([a-zA-Z]+\w*=.*\s*)?)\s*)+]". This pattern contains multiple nested quantifiers (*, +), optional groups, and inner repetitions that make it vulnerable to catastrophic backtracking. Performance testing demonstrated exponential time complexity growth, where a 70-character input took 0.5185 seconds while a 102-character input required 319.0717 seconds to process (GitHub Advisory).

The vulnerability can lead to Denial of Service (DoS) through excessive CPU usage when processing specially crafted payloads. The issue can cause resource exhaustion, memory retention, and potential GPU memory exhaustion due to unreleased KV cache. This may result in service unavailability, degraded throughput, and broader system instability (GitHub Advisory).

The vulnerability has been patched in vLLM version 0.9.0. The fix implemented in PR #18454 improved the performance by changing the time complexity from exponential O(2^N) to quadratic O(N^2). While this significantly reduces the vulnerability's impact, it's noted that the regex may still be problematic due to the quadratic complexity (GitHub Advisory).