Red hat ai inference server

This hub aggregates every CVE we track for Red hat ai inference server, a product in the ai ml space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat ai inference server.

• CVE-2026-12491Vllm: vllm: image exif rotation & png trns transparency not normalized, causing mismatch between model input and expectations4.8Jun 17, 2026
• CVE-2026-40192Pillow is vulnerable to a FITS GZIP decompression bomb7.5Apr 15, 2026
• CVE-2026-6385Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser6.5Apr 15, 2026
• CVE-2026-5121Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing7.5Mar 30, 2026
• CVE-2026-25645Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function4.4Mar 25, 2026
• CVE-2026-4519webbrowser.open() allows leading dashes in URLs3.3Mar 20, 2026
• CVE-2026-4424Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing7.5Mar 19, 2026
• CVE-2026-30922pyasn1 Vulnerable to Denial of Service via Unbounded Recursion7.5Mar 18, 2026
• CVE-2025-13327Uv: uv: specially crafted zip archives lead to arbitrary code execution due to parsing differentials6.3Feb 27, 2026
• CVE-2026-0994Denial of Service in Python Protobuf8.6Jan 23, 2026
• CVE-2026-23490pyasn1 has a DoS vulnerability in decoder7.5Jan 16, 2026
• CVE-2025-69228AIOHTTP vulnerable to denial of service through large payloads7.5Jan 5, 2026
• CVE-2025-69227AIOHTTP vulnerable to DoS when bypassing asserts7.5Jan 5, 2026
• CVE-2025-69226AIOHTTP allows for a brute-force leak of internal static filepath components5.3Jan 5, 2026
• CVE-2025-69223AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb7.5Jan 5, 2026