System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46560.json
cvssv3.1	6.5	https://github.com/vllm-project/vllm
generic_textual	MODERATE	https://github.com/vllm-project/vllm
cvssv3.1	6.5	https://github.com/vllm-project/vllm/blob/8cac35ba435906fb7eb07e44fe1a8c26e8744f4e/vllm/model_executor/models/phi4mm.py#L1182-L1197
generic_textual	MODERATE	https://github.com/vllm-project/vllm/blob/8cac35ba435906fb7eb07e44fe1a8c26e8744f4e/vllm/model_executor/models/phi4mm.py#L1182-L1197
cvssv3.1	6.5	https://github.com/vllm-project/vllm/security/advisories/GHSA-vc6m-hm49-g9qg
generic_textual	MODERATE	https://github.com/vllm-project/vllm/security/advisories/GHSA-vc6m-hm49-g9qg
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2025-46560
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2025-46560

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46560.json
		https://github.com/vllm-project/vllm
		https://github.com/vllm-project/vllm/blob/8cac35ba435906fb7eb07e44fe1a8c26e8744f4e/vllm/model_executor/models/phi4mm.py#L1182-L1197
2363025		https://bugzilla.redhat.com/show_bug.cgi?id=2363025
CVE-2025-46560		https://nvd.nist.gov/vuln/detail/CVE-2025-46560
GHSA-vc6m-hm49-g9qg		https://github.com/advisories/GHSA-vc6m-hm49-g9qg
GHSA-vc6m-hm49-g9qg		https://github.com/vllm-project/vllm/security/advisories/GHSA-vc6m-hm49-g9qg

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46560.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/vllm-project/vllm

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/vllm-project/vllm/blob/8cac35ba435906fb7eb07e44fe1a8c26e8744f4e/vllm/model_executor/models/phi4mm.py#L1182-L1197

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/vllm-project/vllm/security/advisories/GHSA-vc6m-hm49-g9qg

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2025-46560

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T16:23:55.014415+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/vllm/GHSA-vc6m-hm49-g9qg.yml	38.6.0