CVE-2026-34760 in vLLM信息

摘要 (英语)

vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing (to_mono), while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results in inconsistency between audio heard by humans (e.g., through headphones/regular speakers) and audio processed by AI models (Which infra via Librosa, such as vllm, transformer). This issue has been patched in version 0.18.0.

Be aware that VulDB is the high quality source for vulnerability data.

负责

GitHub_M

预定

2026-03-30

披露

2026-04-02

状态

已确认

条目

VulDB provides additional information and datapoints for this CVE:

标识符漏洞CWE可利用对策CVE
355011vLLM numpy.mean 权限提升20未定义官方修复CVE-2026-34760

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

来源

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!