Vulnerability  ·  2026-07-07

vLLM — Unbounded Audio-Upload Memory Materialization Enables DoS

VulnerabilityMedium impactGlobalCVE-2026-55646
vLLM's audio endpoints read the entire uploaded file into memory prior to enforcing the configured maximum file size, defeating the purpose of the limit and enabling a memory-exhaustion denial of service.
A narrow but real DoS vector against a specific vLLM feature (audio transcription) already fixed within a point release; low blast radius relative to the other vLLM CVEs in this batch but still worth tracking for anyone on 0.22.0–0.23.0.
The audio transcription/translation routes call request.file.read() to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLM_MAX_AUDIO_CLIP_FILESIZE_MB limit, letting an attacker upload an oversized file to exhaust server memory before the size check rejects it.
vLLM, versions 0.22.0 to 0.23.0
Upgrade to vLLM >= 0.24.0, which enforces the file-size limit before full materialization.
NVD CVE-2026-55646vLLM fix commit
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →