{"data":{"id":"dffb878b-7fe7-40a6-be71-5d7d5992664e","title":"GHSA-6pr9-rp53-2pmc: vLLM: OOM Denial of Service via Audio Decompression Bomb","summary":"vLLM's audio transcription endpoint checks the size of compressed audio files but not the decoded output, allowing a decompression bomb attack. A 25MB OPUS file can expand to about 14.9GB of PCM audio (raw, uncompressed audio data) in memory, letting an attacker crash the server by exhausting RAM with just a few requests.","solution":"A fix for this vulnerability was merged in vLLM pull request #44970 (https://github.com/vllm-project/vllm/pull/44970). vLLM versions up to and including 0.23.0 are listed as affected; upgrade to a release that includes this change.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-6pr9-rp53-2pmc","publishedAt":"2026-06-17T14:06:22.000Z","cveId":"CVE-2026-54233","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":["vllm@<= 0.23.0"],"affectedVendors":[],"affectedVendorsRaw":["vLLM"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-17T14:06:22.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"inference","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}