machine learning

CVE-2026-22778, a critical RCE in vLLM versions 0.8.3-0.14.0, chains a PIL information leak with a JPEG2000 heap overflow to achieve code execution through a malicious video link.

A practical guide to securing large language model and AI deployments, covering prompt injection, data extraction, RAG pipeline security, AI gateways, input/output filtering, and the OWASP Top 10 for LLM Applications.