CVE-2025-48942: 
vLLM vulnerability analysis and mitigation

CVE-2025-48942 affects vLLM (versions 0.8.0 up to but excluding 0.9.0), an inference and serving engine for large language models (LLMs). The vulnerability allows an attacker to crash the vLLM server by sending an invalid json_schema as a Guided Param to the /v1/completions API. This vulnerability was discovered in May 2025 and has been patched in version 0.9.0 (GitHub Advisory, NVD).

The vulnerability occurs when hitting the /v1/completions API with an invalid json_schema as a Guided Param. The issue stems from uncaught exceptions from xgrammar in the compiler.py module, where the system assumes any validation error raised by xgrammar is due to unsupported json schema features, and the backend is reverted to guidance without further validation checks. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (MEDIUM) with vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (GitHub Advisory).

When successfully exploited, this vulnerability causes the vLLM server to crash, resulting in a Denial of Service (DoS). The impact is limited to availability, with no effect on confidentiality or integrity of the system (GitHub Advisory).

The vulnerability has been fixed in vLLM version 0.9.0. Users should upgrade to this version or later to prevent potential attacks. The fix includes additional guidance validation checks if the xgrammar validation fails, to catch invalid grammar specifications before attempting to compile the grammar (GitHub PR).