What is GHSA-g57c-wgqx-8wx7?

GHSA-g57c-wgqx-8wx7 is a security advisory published by GitHub Security Advisories with High severity. vllm-project/vllm version 0.14.1 contains a vulnerability where the `trust_remote_code=True`...

Which CVE IDs does GHSA-g57c-wgqx-8wx7 cover?

GHSA-g57c-wgqx-8wx7 covers the following CVE IDs: CVE-2026-4944. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-g57c-wgqx-8wx7?

GHSA-g57c-wgqx-8wx7 has a CVSS v3 base score of 8.8, published by GitHub Security Advisories.

GHSA-g57c-wgqx-8wx7HighCVSS 8.8

vllm-project/vllm version 0.14.1 contains a vulnerability where the `trust_remote_code=True`...

Vendor

GitHub Security Advisories

Published

May 28, 2026

Last Modified

May 28, 2026

🔗 CVE IDs covered (1)

CVE-2026-4944 →

📋 Description

vllm-project/vllm version 0.14.1 contains a vulnerability where the trust_remote_code=True parameter is hardcoded in two model implementation files (vllm/model_executor/models/nemotron_vl.py and vllm/model_executor/models/kimi_k25.py). This bypasses the user's explicit --trust-remote-code=False setting, enabling remote code execution via malicious HuggingFace model repositories. This issue is an incomplete fix for CVE-2025-66448 and CVE-2026-22807, as it affects separate code paths in model implementation files. Deployments loading NemotronVL or KimiK25 models are particularly impacted.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-4944
https://huntr.com/bounties/97f706f7-a852-49b2-a4eb-76811e611daf
https://github.com/advisories/GHSA-g57c-wgqx-8wx7