securityonline.info 2/5/2026, 1:55:28 AM · via preferred

Video of Death: Critical vLLM Flaw (CVSS 9.8) Grants Remote Code Execution

CyberSIXT Evidence Panel
CISA KEV: Not in KEV
Patch status: Unknown

A new critical vulnerability in vLLM, tracked as CVE-2026-22778, carries a CVSS of 9.8 and enables remote code execution by simply processing a malicious video file. The flaw results from a two‑step chain: an information leak in the Python Imaging Library that exposes memory addresses, followed by a heap overflow in the JPEG2000 decoder within the bundled OpenCV/FFmpeg libraries, allowing an attacker to hijack code execution.

The advisory notes that default vLLM installations from sources such as pip or Docker often lack authentication, meaning pre‑auth access can be sufficient in some configurations. Affected versions are vLLM 0.8.3 and later but before 0.14.1, OpenCV 4.x with the bundled FFmpeg, and FFmpeg 5.1.x (bundled). Administrators are urged to upgrade to vLLM version 0.14.1 or later to patch this vulnerability.
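A quick way to act on the affected-version range above is to check pinned vLLM versions against it. The following is an added example, not code from the advisory or the vLLM project; the bounds (>= 0.8.3, < 0.14.1) come from the summary, while the pre-release handling and the sample `pip freeze` lines are assumptions constructed for illustration.

```python
import re
from typing import Dict, List, Optional, Tuple

# Affected range as stated in the advisory summary: vLLM >= 0.8.3 and < 0.14.1.
AFFECTED_FROM = (0, 8, 3)
FIXED_IN = (0, 14, 1)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?P<pre>[A-Za-z.\-+].*)?$")


def parse_version(text: str) -> Optional[Tuple[Tuple[int, int, int], bool]]:
    """Return ((major, minor, patch), is_prerelease), or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    nums = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    pre = m.group("pre")
    # Local or post suffixes such as '+cu121' or '.post1' are not pre-releases.
    is_pre = bool(pre) and not pre.startswith(("+", ".post"))
    return nums, is_pre


def is_affected(version: str) -> Optional[bool]:
    """True if inside the affected range, None if the version cannot be parsed.
    Assumption: a pre-release of the fixed version (e.g. 0.14.1rc1) sorts before
    the release, so it is conservatively treated as still affected."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    nums, is_pre = parsed
    if nums == FIXED_IN and is_pre:
        return True
    return AFFECTED_FROM <= nums < FIXED_IN


def scan_freeze(lines: List[str]) -> Dict[str, Optional[bool]]:
    """Map each pinned vllm version found in pip-freeze output to its status."""
    findings: Dict[str, Optional[bool]] = {}
    for line in lines:
        m = re.match(r"^\s*([A-Za-z0-9_.\-]+)\s*==\s*(\S+)", line)
        if m and m.group(1).lower() == "vllm":
            findings[m.group(2)] = is_affected(m.group(2))
    return findings


# Constructed sample of `pip freeze` output; not taken from any real host.
SAMPLE_FREEZE = ["torch==2.5.1", "vllm==0.10.0", "opencv-python-headless==4.10.0.84"]

if __name__ == "__main__":
    for ver, status in scan_freeze(SAMPLE_FREEZE).items():
        print(f"vllm=={ver}: {'AFFECTED, upgrade to >= 0.14.1' if status else 'not affected'}")
```

Run it against real `pip freeze` output from each vLLM host; a version check does not tell you whether the endpoint is reachable without authentication, which the advisory flags separately.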


Article by CyberSIXT