119 matches found
EUVD-2026-37645
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...
GHSA-8JR5-V98P-W75M vLLM: image EXIF Rotation & PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations
Summary Issue 1: EXIF orientation not normalized → The image orientation processed by the model differs from how humans view it, introducing interpretation bias. Issue 2: PNG tRNS not explicitly flattened before converting to RGB → After conversion, transparent/semi-transparent pixels are rendere...
CVE-2026-12491
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...
CVE-2026-12491 Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...
CVE-2026-12491
CVE-2026-12491 affects the vLLM library used for LLM inference. The issue stems from improper handling of image metadata during image processing, specifically EXIF orientation and PNG transparency (tRNS). When converting images to RGB, transparency information may be discarded or remapped, causin...
CVE-2026-12491 Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...
CVE-2026-12491 Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...
CVE-2026-12491
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...
PT-2026-50278
Name of the Vulnerable Software and Affected Versions vLLM affected versions not specified Description An issue exists in the image processing logic where image metadata is improperly handled. Specifically, the software fails to call ImageOps.exif transpose to normalize EXIF orientation, causing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fixed the issue of NULL pointer dereferencing during SSDB/PLD parsing. When the functions ipubridgeparserotation and ipubridgeparseorientation are executed, sensor-adev is not set yet. Therefore, if either of...
MiracleLinux 4 : firefox-68.3.0-1.0.1.AXS4 (AXSA:2019-4414:07)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4414:07 advisory. Mozilla: Use-after-free in worker destruction CVE-2019-17008 Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 CVE-2019-17012 Mozilla:...
CVE-2025-67780
SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...
C/N0 Analysis-Based GPS Spoofing Detection with Variable Antenna Orientations
GPS spoofing poses a growing threat to aviation by falsifying satellite signals and misleading aircraft navigation systems. This paper demonstrates a proof-of-concept spoofing detection strategy based on analyzing satellite Carrier-to-Noise Density Ratio C/N$0$ variation during controlled static...
EUVD-2019-7484
Malware in sbrugna...
EUVD-2014-7757
Malware in sbrugna...
EUVD-2014-9497
Malware in sbrugna...
EUVD-2019-17944
Malware in sbrugna...
EUVD-2011-1133
Malware in sbrugna...
EUVD-2016-2875
Malware in sbrugna...
EUVD-2024-51821
Malicious code in bioql PyPI...