CVE-2026-5497
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk44th percentile - higher than 44% of all known CVEs
Summary
A vulnerability in vLLM versions 0.8.0 and later allows a DoS attack via memory exhaustion. The `VideoMediaIO.load_base64()` method does not limit the number of video frames when processing `video/jpeg` data URLs, enabling an attacker to send a request with thousands of encoded frames, causing server crash.
Risk Assessment
The attack can lead to vLLM service unavailability, affecting applications using the OpenAI-compatible API. No authentication is required, making the attack easy to execute.
Recommendation
Update vLLM to the latest version that includes a fix limiting the number of video frames. If an update is not possible, deploy WAF rules to block requests with an excessive number of video frames.
Original NVD description (English source)
vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processing `video/jpeg` data URLs, the method splits the base64 data string on commas to extract individual JPEG frames without enforcing a frame count limit. An attacker can exploit this by crafting a single API request containing thousands of comma-separated base64-encoded JPEG frames in a data URL, causing the server to decode all frames into memory and crash due to excessive memory consumption. This vulnerability is reachable via the OpenAI-compatible chat completions API and does not require authentication.

