Impact
The vulnerability resides in the Vllm library, where image metadata such as EXIF orientation and PNG transparency is not properly normalized when converting to RGB. This causes transparency information to be discarded or remapped, which can alter the visual content presented to the model. As a result, the large language model may misinterpret the image and produce inaccurate or misleading inferences, undermining the integrity of the processed data.
Affected Systems
Red Hat AI Inference Server, Red Hat Enterprise Linux AI (RHEL AI), and Red Hat OpenShift AI deployments that use vLLM version 3 are affected. These products distribute the library within their AI inference stacks and rely on it for image preprocessing prior to model inference.
Risk and Exploitability
The CVSS score of 4.8 indicates a low severity risk. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, suggesting limited current exploitation. However, the attack vector is inferred to stem from crafted image inputs sent to the inference service. An attacker with the ability to supply images—such as through an API endpoint or local process—could exploit this weakness to corrupt model predictions. The impact is confined to model output integrity rather than code execution or system compromise.
OpenCVE Enrichment
Github GHSA