CVE-2025-32381.yaml
info:
  name: vllm
  cve: CVE-2025-32381
  summary: xgrammar is vulnerable to Denial of Service (DoS) due to an unbounded cache in memory.
  details: |
    The xgrammar library, used by vllm, includes an unbounded cache for compiled grammars.
    This cache, held in memory, can be exploited by an attacker to fill up a host's memory,
    leading to a denial of service. This can occur, for example, by sending many small requests
    to an LLM inference server with unique JSON schemas.
  cvss: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  severity: HIGH
  security_advise: |
    1. Upgrade xgrammar to version 0.1.18 or later.
    2. Ensure that any system making use of xgrammar and taking requests from potentially untrusted parties implements appropriate cache size limits.
    3. Refer to the fix implemented in https://github.com/mlc-ai/xgrammar/pull/243 for guidance on limiting cache size.
rule: version > "0" && version < "0.1.18"
references:
  - https://github.com/mlc-ai/xgrammar/security/advisories/GHSA-389x-67px-mjg3
  - https://nvd.nist.gov/vuln/detail/CVE-2025-32381
  - https://github.com/mlc-ai/xgrammar/pull/243
  - https://github.com/vllm-project/vllm/pull/16283
  - https://github.com/mlc-ai/xgrammar