A vulnerability classified as critical was found in vLLM up to 0.12.x . This impacts an unknown function of the component prompt-embeds Feature . Executing a manipulation can lead to out-of-bounds read. This vulnerability appears as CVE-2026-56340 . The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.