CVE-2026-5497 | vLLM up to 0.18.x OpenAI-compatible Chat Completions API VideoMediaIO.load_base64 resource consumption

A vulnerability, which was classified as problematic, was found in vLLM up to 0.18.x. Affected is the function VideoMediaIO.load_base64 of the component OpenAI-compatible Chat Completions API. Such manipulation leads to resource consumption.

This vulnerability is listed as CVE-2026-5497. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More