CVE-2026-5497 | vLLM up to 0.18.x OpenAI-compatible Chat Completions API VideoMediaIO.load_base64 resource consumption

Inserito da Angelo Barbosa | Giu 11, 2026 | CVE

A vulnerability, which was classified as problematic, was found in vLLM up to 0.18.x. Affected is the function VideoMediaIO.load_base64 of the component OpenAI-compatible Chat Completions API. Such manipulation leads to resource consumption.

This vulnerability is listed as CVE-2026-5497. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.

CVE-2026-5497 | vLLM up to 0.18.x OpenAI-compatible Chat Completions API VideoMediaIO.load_base64 resource consumption

Post correlati

CVE-2024-8223 | SourceCodester Music Gallery Site 1.0 Master.php id sql injection

CVE-2026-40839 | MB Connect Line mbCONNECT24/mymbCONNECT24 up to 2.20.0 getComponentScalings sql injection (VDE-2026-044)

CVE-2024-48855 | BlackBerry QNX Software Development Platform 7.0/7.1/8.0 TIFF Image Codec out-of-bounds

CVE-2026-41472 | usmannasir cyberpanel up to 2.4.3 AI Scanner Dashboard findings_json cross site scripting