CVE-2026-54233
vLLM: OOM Denial of Service via Audio Decompression Bomb
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to ~14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0.
| CWE | CWE-409 |
| Vendor | vllm-project |
| Product | vllm |
| Published | Jun 22, 2026 |
Stay Ahead of the Next One
Get instant alerts for vllm-project vllm
Be the first to know when new medium vulnerabilities affecting vllm-project vllm are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
vllm-project / vllm
< 0.23.1rc0