Lucene search
+L

6 matches found

NVD
NVD
added 2026/06/11 10:16 a.m.12 views

CVE-2026-5497

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS0.00543EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/11 8:31 a.m.11 views

EUVD-2026-36217

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS5.5AI score0.00543EPSS
Exploits1References2
OSV
OSV
added 2026/06/11 8:31 a.m.3 views

CVE-2026-5497 Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS6AI score0.00543EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/04/06 3:38 p.m.2 views

CVE-2026-34755 vLLM Affected by Denial of Service via Unbounded Frame Count in video/jpeg Base64 Processing

vLLM is an inference and serving engine for large language models LLMs. From 0.7.0 to before 0.19.0, the VideoMediaIO.loadbase64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The numframes...

6.5CVSS6AI score0.00378EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 3:38 p.m.4 views

CVE-2026-34755

vLLM is an inference and serving engine for large language models LLMs. From 0.7.0 to before 0.19.0, the VideoMediaIO.loadbase64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The numframes...

6.5CVSS5.8AI score0.00378EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/06 3:38 p.m.22 views

CVE-2026-34755

vLLM's VideoMediaIO.load_base64("video/jpeg") path has an unbounded frame-splitting bug: data.split(",") bypasses the intended frame-count limit (default 32) used by the binary path, allowing a single request with thousands of comma-separated base64 JPEG frames. This can cause the server to decod...

6.5CVSS6AI score0.00378EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder