CVE-2026-34755
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64() method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The num_frames parameter (default: 32), which is enforced by the load_bytes() code path, is completely bypassed in the video/jpeg base64 path. An attacker can send a single API request containing thousands of comma-separated base64-encoded JPEG frames, causing the server to decode all frames into memory and crash with OOM. This vulnerability is fixed in 0.19.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| vllm-project | vllm | >= 0.7.0, < 0.19.0 | affected |
Weaknesses
- CWE-770: CWE-770: Allocation of Resources Without Limits or Throttling
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
vLLM: vLLM: Denial of Service due to excessive video frame processing
Additional References
- https://access.redhat.com/security/cve/CVE-2026-34755
- https://bugzilla.redhat.com/show_bug.cgi?id=2455403
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34755.json
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.