Description
vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing (to_mono), while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results in inconsistency between audio heard by humans (e.g., through headphones or regular speakers) and audio processed by AI models (which run inference via Librosa, such as vLLM and transformers). This issue has been patched in version 0.18.0.
Published: 2026-04-02
Score: 5.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Audio Misrepresentation
Action: Update
AI Analysis

Impact

The CVE involves a discrepancy in the default algorithm used for mono downmixing in the Librosa library, which vLLM relies upon. This mismatch between the standard ITU-R BS.775‑4 weighted downmix and the simpler numpy.mean approach results in audio that humans hear differing from audio supplied to AI models. Such inconsistency can cause the model to process audio content differently than expected, potentially leading to incorrect or manipulated inference outcomes.

Affected Systems

vLLM, the open‑source inference engine for large language models, is affected in all releases from version 0.5.5 up to, but not including, 0.18.0. Users running those versions are susceptible to the discussed audio downmixing behavior.

Risk and Exploitability

The vulnerability carries a CVSS score of 5.9, placing it in the medium severity range, and an EPSS score of less than 1 %, indicating low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. The likely attack vector involves an adversary supplying specially crafted audio input that exploits the differing downmix algorithm, thereby influencing the model’s output. No official workaround is provided; the issue is fixed in v0.18.0.

Generated by OpenCVE AI on April 7, 2026 at 01:48 UTC.
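
The discrepancy described above can be measured before audio reaches a model. The following is an added example, not code from vLLM, Librosa or this advisory: it compares an unweighted channel mean with a weighted downmix and flags clips where the two diverge. The gain table (as commonly cited from ITU-R BS.775), the 0.1 threshold, all function names and the sample clips are assumptions made for illustration.

```python
import math

# Assumption: gains for a 5-channel (L, R, C, Ls, Rs) to mono downmix as commonly
# cited from ITU-R BS.775; check the standard before relying on them.
ITU_MONO_GAINS = (0.7071, 0.7071, 1.0, 0.5, 0.5)

def mean_downmix(frames):
    """Unweighted channel average, the behaviour the advisory attributes to to_mono."""
    return [sum(f) / len(f) for f in frames]

def weighted_downmix(frames, gains=ITU_MONO_GAINS):
    """Per-channel weighted sum; every frame must have one sample per gain."""
    if any(len(f) != len(gains) for f in frames):
        raise ValueError("channel count does not match gain table")
    return [sum(g * s for g, s in zip(gains, f)) for f in frames]

def _unit_rms(signal):
    """Scale a signal to RMS 1 so only waveform shape is compared (silence stays silent)."""
    rms = math.sqrt(sum(v * v for v in signal) / len(signal))
    return [v / rms for v in signal] if rms else list(signal)

def downmix_divergence(frames, gains=ITU_MONO_GAINS):
    """RMS difference between the two downmixes after level normalisation.
    0.0 means the same waveform shape; larger values mean the mixes emphasise
    different content."""
    if not frames:
        return 0.0
    a = _unit_rms(mean_downmix(frames))
    b = _unit_rms(weighted_downmix(frames, gains))
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)) / len(a))

def needs_review(frames, threshold=0.1):
    """Hypothetical pre-ingest gate: flag audio whose two downmixes diverge."""
    return downmix_divergence(frames) > threshold

def _tone(freq, n=800, rate=8000):
    return [math.sin(2 * math.pi * freq * i / rate) for i in range(n)]

# Constructed sample input (synthetic tones, not real recordings).
_a, _b = _tone(440), _tone(1000)
SAME_EVERYWHERE = [(s, s, s, s, s) for s in _a]              # identical channels
SPLIT_CONTENT = [(x, x, 0.0, y, y) for x, y in zip(_a, _b)]  # fronts vs surrounds

if __name__ == "__main__":
    for name, clip in (("same", SAME_EVERYWHERE), ("split", SPLIT_CONTENT)):
        print(name, round(downmix_divergence(clip), 3), needs_review(clip))
```

A clip with identical channels scores zero because both downmixes are the same waveform at different levels; the score rises only when channels that the two methods weight differently carry different content.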

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade vLLM to version 0.18.0 or later

Generated by OpenCVE AI on April 7, 2026 at 01:48 UTC.


Advisories

No advisories yet.

History

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-358
References
Metrics threat_severity

None

threat_severity

Moderate


Fri, 03 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Vllm-project
Vllm-project vllm
Vendors & Products Vllm-project
Vllm-project vllm

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing (to_mono), while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results in inconsistency between audio heard by humans (e.g., through headphones or regular speakers) and audio processed by AI models (which run inference via Librosa, such as vLLM and transformers). This issue has been patched in version 0.18.0.
Title vLLM: Downmix Implementation Differences as Attack Vectors Against Audio AI Models
Weaknesses CWE-20
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-03T14:42:34.842Z

Reserved: 2026-03-30T19:17:10.225Z

Link: CVE-2026-34760

Vulnrichment

Updated: 2026-04-03T14:42:31.132Z

NVD

Status: Awaiting Analysis

Published: 2026-04-02T20:16:25.437

Modified: 2026-04-03T16:10:23.730

Link: CVE-2026-34760

Red Hat

Severity: Moderate

Public Date: 2026-04-02T18:59:49Z

Links: CVE-2026-34760 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-07T07:55:25Z

Weaknesses