Platform: python
Component: vllm
Fixed in: 0.8.4, 0.14.1
CVE-2026-22778 is a severe Remote Code Execution (RCE) vulnerability in vLLM, a fast LLM inference and serving engine. It lets an attacker execute arbitrary commands on the server by chaining an information leak with a heap overflow in the JPEG2000 decoder. The vulnerability affects versions of vLLM up to 0.9.2, and a patch is available in version 0.14.1.
The chain has two stages. First, PIL error messages leak memory addresses, which defeats Address Space Layout Randomization (ASLR). Second, a heap overflow in the JPEG2000 decoder within OpenCV/FFmpeg lets the attacker hijack control flow and execute code. The trigger is a malicious video URL submitted to the vLLM Completions or Invocations endpoints while a video model is in use, which results in arbitrary command execution on the server. Default vLLM instances installed directly from pip or Docker have no authentication, which makes them particularly exposed.
In practice, the attacker sends a malicious video URL to the vLLM API. When the video is processed by the JPEG2000 decoder, the heap overflow fires and allows arbitrary code execution. The absence of authentication on default instances greatly facilitates this; the only precondition is network access to the machine running vLLM so that the malicious request can be delivered.
Exploit Status
EPSS: 0.08% (24th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation is to update vLLM to version 0.14.1 or later, which contains the fixes for both the information leak and the heap overflow. In addition, enabling authentication on all vLLM instances is strongly recommended to restrict access and shrink the attack surface. Monitoring system logs for suspicious activity related to video processing can help detect and respond to attempted exploitation. If updating vLLM immediately is not possible, consider applying security patches to OpenCV/FFmpeg.
Update the vLLM library to version 0.14.1 or later. This fixes the heap address leak vulnerability. You can update with `pip install vllm==0.14.1` or a similar command, depending on your environment.
ASLR (Address Space Layout Randomization) is a security technique that randomizes the memory locations used by a process, making it harder for an attacker to predict where data and code reside and thus hindering exploitation.
If an immediate update isn’t possible, apply the mitigations above: enable authentication and monitor system logs for suspicious activity. Consider patching OpenCV/FFmpeg if feasible.
Videos using the JPEG2000 format are the most dangerous input, because the heap overflow lies in that decoder.
If you are running a version prior to 0.14.1 and haven’t applied any mitigations, you are likely vulnerable. Verify the vLLM version you are using.
Currently there are no specific tools that detect this vulnerability. Monitoring logs and verifying the vLLM version are the best options.
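The advisory's concrete check is "verify the vLLM version you are using" against the fixed release. The script below is an added example, not part of the advisory or of the vLLM project: it compares a version string (or each `vllm` line of a requirements.txt-style file) against the 0.14.1 figure the mitigation text gives, and flags pins, upper bounds, or missing bounds that can resolve to an older release. The fixed version, the sample requirements and the `pip show vllm` hint are taken from or assumed on the basis of this page; pre-release suffixes are ignored when comparing.

```python
"""Flag vLLM requirements that may resolve to a release older than the
advisory's fixed version (0.14.1 for CVE-2026-22778).

Added example; not code from the advisory or from the vLLM project.
Assumption: the fixed release named in the mitigation text (0.14.1) is the
only threshold that matters; the 0.8.4 figure in the metadata is not used.
"""
import re
from typing import List, Optional, Tuple

FIXED_VERSION = "0.14.1"  # patched release named on the advisory page

# A requirement line: name, optional extras, optional specifier, optional comment.
_REQ_RE = re.compile(
    r"^\s*(?P<name>[A-Za-z0-9_.-]+)(?:\[[^\]]*\])?\s*(?P<spec>.*?)\s*(?:#.*)?$"
)
_CLAUSE_RE = re.compile(r"^\s*(==|>=|<=|<|>|~=|!=)\s*(.+?)\s*$")


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '0.9.2', 'v0.14', or '0.14.1rc1' into a comparable integer tuple.
    Pre-release suffixes are dropped (caveat: an rc compares equal to its
    final release), and short versions are padded so (0, 14) == (0, 14, 0)."""
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * (3 - len(parts))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when `version` is older than the fixed release."""
    return parse_version(version) < parse_version(fixed)


def classify_spec(spec: str, fixed: str = FIXED_VERSION) -> Optional[str]:
    """Return a reason when the specifier can resolve to a release older
    than `fixed`, or None when every allowed version is at or above it."""
    fixed_v = parse_version(fixed)
    lower_bound_ok = False
    for clause in spec.split(","):
        m = _CLAUSE_RE.match(clause)
        if not m:
            continue
        op, ver = m.groups()
        v = parse_version(ver)
        if op == "==":
            # An exact pin decides on its own.
            return f"pinned to {ver}, older than fixed {fixed}" if v < fixed_v else None
        if op == "<" and v <= fixed_v:
            return f"upper bound {clause.strip()} excludes the fixed release {fixed}"
        if op == "<=" and v < fixed_v:
            return f"upper bound {clause.strip()} excludes the fixed release {fixed}"
        if op in (">=", ">", "~=") and v >= fixed_v:
            lower_bound_ok = True  # cannot resolve below the fixed release
    if lower_bound_ok:
        return None
    return "no lower bound at or above the fixed release: verify the installed version (pip show vllm)"


def scan_requirements(lines: List[str], fixed: str = FIXED_VERSION) -> List[Tuple[str, str]]:
    """Return (line, reason) for every vllm requirement that may be vulnerable."""
    findings = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _REQ_RE.match(line)
        if not m or m.group("name").lower() != "vllm":
            continue
        reason = classify_spec(m.group("spec"), fixed)
        if reason is not None:
            findings.append((line, reason))
    return findings


# Constructed sample requirements file (not from the advisory).
SAMPLE_REQUIREMENTS = [
    "# constructed sample requirements.txt",
    "torch>=2.1",
    "vllm[audio]==0.9.2   # pinned to an affected release",
    "pillow",
]

if __name__ == "__main__":
    for line, reason in scan_requirements(SAMPLE_REQUIREMENTS):
        print(f"{line!r}: {reason}")
```

Run it against your own requirements.txt by replacing `SAMPLE_REQUIREMENTS` with the file's lines; a deployment that installs vLLM without a pin still needs the installed version checked on the host itself, which is what the "verify the installed version" finding asks for.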