AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

GHSA-8jr5-v98p-w75m: vLLM: image EXIF Rotation & PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations

mediumvulnerabilityLLM-Specific

security

Source: GitHub Advisory DatabaseJune 17, 2026

Summary

vLLM, an AI framework for running large language models, has three image processing bugs that cause mismatches between what the model sees and what users expect. First, EXIF orientation data (metadata that tells how an image should be rotated) is ignored, so rotated images are processed in the wrong orientation. Second, PNG images with transparency information (the tRNS chunk, which marks certain pixels as see-through) aren't properly flattened to solid colors before processing, causing transparent pixels to become visible or distorted. Third, animated PNG and GIF files only process their first frame. These issues could alter how the model interprets image content.

Solution / Mitigation

A fix was merged in vLLM pull request #44974 (https://github.com/vllm-project/vllm/pull/44974). The source text does not provide specific details about what changes were made in that fix.

Classification

Attack Type

Model Evasion

Attack SophisticationModerate

Impact (CIA+S)

integrity

AI Component TargetedInference

Affected Vendors

Affected Packages

vllm@>= 0.11.0, <= 0.23.0

Related Issues

info

Defending Against Patch-Based and Texture-Based Adversarial Attacks With Spectral Decomposition

info

HGNN Shield: Defending Hypergraph Neural Networks Against High-Order Structure Attack

Monthly digest — independent AI security research

Original source: https://github.com/advisories/GHSA-8jr5-v98p-w75m

First tracked: June 17, 2026 at 02:01 PM

Classified by LLM (prompt v3) · confidence: 92%