CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

214 matches found

NVD•added 2026/06/11 10:16 a.m.•10 views

CVE-2026-5497

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS0.00423EPSS

Exploits1References2

Vulnrichment•added 2026/06/11 8:31 a.m.•8 views

CVE-2026-5497 Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm

7.5CVSS7.2AI score0.00423EPSS

Exploits1References2

Cvelist•added 2026/06/11 8:31 a.m.•27 views

CVE-2026-5497 Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm

7.5CVSS0.00423EPSS

Exploits1References2

Positive Technologies•added 2026/06/11 12:0 a.m.•10 views

PT-2026-48638

Name of the Vulnerable Software and Affected Versions vLLM versions 0.8.0 and later Description An Out-of-Memory OOM Denial of Service DoS issue exists due to unbounded frame count processing in the VideoMediaIO.load base64 function. When processing video/jpeg data URLs, the system splits the...

7.5CVSS7.4AI score0.00423EPSS

Exploits1References8

OSV•added 2026/05/05 9:9 p.m.•6 views

CLSA-2026-1777663444 freerdp: Fix of 3 CVEs

CVE-2026-33985: fix information leak in ClearCodec glyph index decode; validate nWidthnHeight for overflow and update glyphEntry-count only after a successful realloc so subsequent reads cannot expose adjacent heap memory - CVE-2022-39283: fix missing length check in /video channel data handler;...

7.5CVSS6AI score0.00985EPSS

Exploits0References1

OSV•added 2026/04/17 10:32 a.m.•4 views

CLSA-2026-1776421961 libwebp: Fix of 2 CVEs

CVE-2018-25013, CVE-2018-25014: wait for all threads to be done in DecodeRemaining, make sure partition 0 is read before VP8 data...

9.8CVSS5.8AI score0.0223EPSS

Exploits0References1

Snyk•added 2026/04/03 9:51 p.m.•2 views

Allocation of Resources Without Limits or Throttling

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of a frame count limit in the loadbase64 function when processing video/jpeg...

7.1CVSS5.9AI score0.00277EPSS

Exploits0References2

EUVD•added 2026/03/16 3:30 p.m.•4 views

EUVD-2026-12117

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS6.3AI score0.00383EPSS

Exploits0References3

Debian CVE•added 2026/03/13 8:38 p.m.•4 views

CVE-2026-2922

7.8CVSS8.4AI score0.00383EPSS

Exploits0

SUSE CVE•added 2026/03/09 1:31 p.m.•2 views

SUSE CVE-2026-2921

GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending o...

7.8CVSS6.4AI score0.00838EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2013-3605

Malware in sbrugna...

4.3CVSS9.2AI score0.01357EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2013-0862

Malware in sbrugna...

9.3CVSS8.3AI score0.02115EPSS

Exploits0References5