Critical vLLM Vulnerability Lets Attackers Hijack AI Servers via Video Link
CVE-2026-22778, a critical RCE in vLLM versions 0.8.3-0.14.0, chains a PIL information leak with a JPEG2000 heap overflow to achieve code execution through a malicious video link.