CVE-2026-6607 | lm-sys fastchat up to 0.2.36 Worker API Endpoint api_generate resource consumption (Issue 3833)

A vulnerability identified as problematic has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The manipulation leads to resource consumption.

This vulnerability is documented as CVE-2026-6607. The attack can be initiated remotely. Additionally, an exploit exists.

It is suggested to install a patch to address this issue.

Commit ff66426 patched this issue in api_generate of base_model_worker.py and did miss other entry points.VulDB Recent EntriesRead More