REPRO-2026-00078 HIGH RCE Verified

vLLM RCE via auto_map dynamic module loading

vllm (pip) Jan 22, 2026

Confidence HIGH

Reproduced in 19m 50s

Tool calls 280

Affected >= 0.10.1, < 0.14.0

What's the vulnerability?

vLLM loads Hugging Face auto_map dynamic modules during model resolution without honoring trust_remote_code, allowing attacker-controlled code to execute at server startup.

Root Cause Analysis

One Command

Verify with pruva-verify

Run the Pruva CLI to automatically fetch and execute the reproduction script.

pruva-verify REPRO-2026-00078

or pruva-verify GHSA-2pc9-4j83-qjmr

or pruva-verify CVE-2026-22807

Install: curl -fsSL https://pruva.dev/install.sh | sh

Or Run Manually

Download the script

curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00078/artifacts/bundle/repro/reproduction_steps.sh

Make executable

chmod +x reproduction_steps.sh

Run the script

./reproduction_steps.sh

Run in a VM, container, or disposable environment. This exploits a real vulnerability.

How Pruva Reproduced This

Watch the AI agent's step-by-step process.

Loading session...

Artifacts

bundle/repro/reproduction_steps.sh4.3 KB

bundle/repro/rca_report.md2.7 KB

bundle/ticket.md2.2 KB

bundle/logs/attempt1.log0.1 KB

bundle/logs/attempt2.log0.0 KB

bundle/logs/attempt3_fixed.log0.0 KB

bundle/logs/summary.log0.1 KB

bundle/logs/tool_01_list_memory_items.log0.2 KB