CVE-2026-12491
- EPSS 0.24%
- Veröffentlicht 17.06.2026 10:07:28
- Zuletzt bearbeitet 07.07.2026 09:16:29
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When ima...
CVE-2026-6385
- EPSS 0.44%
- Veröffentlicht 15.04.2026 19:18:39
- Zuletzt bearbeitet 17.04.2026 15:17:00
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD su...
CVE-2025-6920
- EPSS 0.27%
- Veröffentlicht 01.07.2025 13:16:17
- Zuletzt bearbeitet 18.08.2025 19:07:43
A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an aut...