Description
A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency information may be implicitly discarded or remapped, leading to unexpected rendering of transparent pixels and distortion of input content. This can result in the model misinterpreting image content, potentially affecting the integrity of processed data.
Published: 2026-06-17
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the Vllm library, where image metadata such as EXIF orientation and PNG transparency is not properly normalized when converting to RGB. This causes transparency information to be discarded or remapped, which can alter the visual content presented to the model. As a result, the large language model may misinterpret the image and produce inaccurate or misleading inferences, undermining the integrity of the processed data.

Affected Systems

Red Hat AI Inference Server, Red Hat Enterprise Linux AI (RHEL AI), and Red Hat OpenShift AI deployments that use vLLM version 3 are affected. These products distribute the library within their AI inference stacks and rely on it for image preprocessing prior to model inference.

Risk and Exploitability

The CVSS score of 4.8 indicates a low severity risk. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, suggesting limited current exploitation. However, the attack vector is inferred to stem from crafted image inputs sent to the inference service. An attacker with the ability to supply images—such as through an API endpoint or local process—could exploit this weakness to corrupt model predictions. The impact is confined to model output integrity rather than code execution or system compromise.

Generated by OpenCVE AI on June 18, 2026 at 12:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the vLLM library to the latest patched release that addresses image metadata handling.
  • Implement image preprocessing routines that explicitly normalize EXIF orientation and PNG transparency before converting images to RGB.
  • Validate that output from the model is consistent when tested with known image inputs to detect any discrepancies caused by improper rendering.

Generated by OpenCVE AI on June 18, 2026 at 12:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-8jr5-v98p-w75m vLLM: image EXIF Rotation & PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations
History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 17 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Wed, 17 Jun 2026 11:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency (tRNS) data, during image processing. When images are converted to RGB, transparency information may be implicitly discarded or remapped, leading to unexpected rendering of transparent pixels and distortion of input content. This can result in the model misinterpreting image content, potentially affecting the integrity of processed data.
Title Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations
First Time appeared Redhat
Redhat ai Inference Server
Redhat enterprise Linux Ai
Redhat openshift Ai
Weaknesses CWE-115
CPEs cpe:/a:redhat:ai_inference_server:3
cpe:/a:redhat:enterprise_linux_ai:3
cpe:/a:redhat:openshift_ai
Vendors & Products Redhat
Redhat ai Inference Server
Redhat enterprise Linux Ai
Redhat openshift Ai
References
Metrics cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L'}


Subscriptions

Redhat Ai Inference Server Enterprise Linux Ai Openshift Ai
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-07-07T07:44:29.614Z

Reserved: 2026-06-17T07:24:01.437Z

Link: CVE-2026-12491

cve-icon Vulnrichment

Updated: 2026-06-17T14:47:54.334Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-10T00:00:00Z

Links: CVE-2026-12491 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:41:55Z

Weaknesses
  • CWE-115

    Misinterpretation of Input