PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-34760 vLLM CVE debrief

CVE-2026-34760 describes an audio-processing integrity issue in vLLM deployments that use Librosa for preprocessing: Librosa's default mono downmix takes the arithmetic mean of the channels (numpy.mean), whereas ITU-R BS.775-4 specifies a weighted downmix. Because of that mismatch, the mono signal the model receives can differ from what a human listener would hear from the same multichannel file, so model inputs no longer match the perceived audio. NVD rates the issue CVSS 5.9 (Medium); the fix ships in vLLM 0.18.0.

Vendor
vLLM
Product
vLLM
CVSS
MEDIUM 5.9
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-02
Original CVE updated
2026-05-11
Advisory published
2026-04-02
Advisory updated
2026-05-11

Who should care

Teams running vLLM, or any other audio-to-model pipeline that relies on Librosa for preprocessing, especially where speech, music, moderation, transcription, or classification decisions depend on a faithful mono representation of multichannel audio.

Technical summary

The NVD record gives the affected range as vllm:vllm from 0.5.5 up to but not including 0.18.0. This is not a code-execution flaw; it is a mismatch in mono downmix behavior. Librosa's to_mono takes the arithmetic mean across channels (numpy.mean), so every channel is weighted equally regardless of its role in the mix, while the referenced international standard expects a weighted downmix. The resulting mono signal can therefore be numerically different from the channel balance a listener perceives, and that difference propagates into downstream AI outputs. NVD classifies the weakness as CWE-20 (Improper Input Validation); the CVSS 3.1 vector is AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L, that is, network-reachable with high attack complexity and low privileges required, no confidentiality impact, high integrity impact and low availability impact.

Defensive priority

Medium

Recommended defensive actions

  • Upgrade to vLLM 0.18.0 or later, which the advisory says contains the fix.
  • Review any audio ingestion or preprocessing paths that use Librosa to ensure mono conversion matches your intended policy and standards.
  • Where perceptual fidelity matters, compare the preprocessed mono signal against a reference produced with the downmix method you intend (for example a weighted downmix), and treat divergence beyond a set tolerance as a pipeline failure rather than trusting library defaults.
  • Test model outputs after upgrading to confirm that audio normalization and channel-mixing changes do not alter downstream behavior in unexpected ways.
  • Track any downstream systems that consume preprocessed audio from vLLM so they can be revalidated after the change.
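The mean-versus-weighted mismatch described in the technical summary, together with the validation step in the list above, as an added example (not vLLM's or Librosa's own code): the arithmetic-mean downmix is reimplemented in plain Python to mirror what librosa.to_mono does through numpy.mean, a weighted downmix stands in for the policy the standard calls for, and a check flags when the two diverge. The channel order, the 5.1 and stereo clips, and the weights (fronts at unit gain, centre and surrounds at -3 dB, LFE dropped) are constructed for the demonstration and are not taken from the advisory or from ITU-R BS.775; substitute the standard's coefficients before using the check for real.

```python
import math

# Channel order of the constructed 5.1 clip and the illustrative downmix
# weights used here.  The weights are an assumption for this demonstration
# (fronts at unit gain, centre and surrounds at -3 dB, LFE discarded); take
# the real coefficients from ITU-R BS.775 before using this in production.
CHANNELS_51 = ("L", "R", "C", "LFE", "Ls", "Rs")
ILLUSTRATIVE_WEIGHTS = {
    "L": 1.0,
    "R": 1.0,
    "C": 1 / math.sqrt(2),
    "LFE": 0.0,
    "Ls": 1 / math.sqrt(2),
    "Rs": 1 / math.sqrt(2),
}


def mean_downmix(channels):
    """Arithmetic mean across channels per frame.

    This is what librosa.to_mono does through numpy.mean: every channel gets
    the same weight regardless of its role in the mix."""
    n = len(channels)
    return [sum(frame) / n for frame in zip(*channels)]


def weighted_downmix(channels, names, weights, normalize=True):
    """Weighted sum across channels per frame.

    With normalize=True the gains are divided by their sum, so a full-scale
    signal on every weighted channel still lands within +/-1.0."""
    gains = [weights[name] for name in names]
    scale = sum(gains) if normalize else 1.0
    return [sum(g * s for g, s in zip(gains, frame)) / scale
            for frame in zip(*channels)]


def max_relative_divergence(observed, expected):
    """Largest per-sample difference, relative to the peak of the expected
    signal.  Returns inf when the expected signal is silent but the observed
    one is not (the downmix leaked energy the policy says should be absent)."""
    peak = max((abs(s) for s in expected), default=0.0)
    diff = max((abs(o - e) for o, e in zip(observed, expected)), default=0.0)
    if peak == 0.0:
        return 0.0 if diff == 0.0 else math.inf
    return diff / peak


def downmix_matches_policy(channels, names, weights, tolerance=0.01):
    """True when the default mean downmix agrees with the weighted policy
    downmix within `tolerance` (a fraction of the policy signal's peak).

    False means the library default would hand the model a different mono
    signal from the one the policy intends, which is the condition the CVE
    describes; the pipeline should then apply the policy downmix explicitly."""
    observed = mean_downmix(channels)
    expected = weighted_downmix(channels, names, weights)
    return max_relative_divergence(observed, expected) <= tolerance


# Constructed sample input, not real audio: an eight-frame 5.1 clip with a
# tone on the centre channel, a steady rumble on LFE and silence elsewhere.
_SILENCE = [0.0] * 8
CLIP_51 = [
    _SILENCE,                                    # L
    _SILENCE,                                    # R
    [0.0, 0.6, 0.0, -0.6, 0.0, 0.6, 0.0, -0.6],  # C: the content a listener hears
    [0.5] * 8,                                   # LFE: rumble the policy discards
    _SILENCE,                                    # Ls
    _SILENCE,                                    # Rs
]

# Constructed stereo clip with identical channels: mean and weighted downmix
# agree here, so the check passes.
CLIP_STEREO = [[0.0, 0.3, 0.0, -0.3]] * 2
STEREO_WEIGHTS = {"L": 1.0, "R": 1.0}


if __name__ == "__main__":
    mean_51 = mean_downmix(CLIP_51)
    policy_51 = weighted_downmix(CLIP_51, CHANNELS_51, ILLUSTRATIVE_WEIGHTS)
    print("mean downmix   :", [round(s, 3) for s in mean_51])
    print("policy downmix :", [round(s, 3) for s in policy_51])
    print("divergence     :", round(max_relative_divergence(mean_51, policy_51), 3))
    print("5.1 matches    :", downmix_matches_policy(CLIP_51, CHANNELS_51, ILLUSTRATIVE_WEIGHTS))
    print("stereo matches :", downmix_matches_policy(CLIP_STEREO, ("L", "R"), STEREO_WEIGHTS))
```

Running the module prints both mixes for the 5.1 clip. Under the mean downmix the LFE rumble contributes a constant 0.083 while the tone itself peaks at only 0.1, so the rumble is nearly as loud as the content; the policy downmix discards the LFE entirely. The divergence comes out around 84% of the policy signal's peak, far above the 1% tolerance, and the check fails. For the stereo clip with identical channels the two mixes coincide and the check passes, which is what a pipeline should expect when its inputs are already stereo or mono with equal-weight channels.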

Evidence notes

This debrief is based only on the supplied NVD record and linked official references. The NVD entry marks the vulnerability as analyzed, lists affected versions from 0.5.5 to before 0.18.0, and provides CVSS 3.1 vector AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L. Official references include the GitHub patch commit, issue-tracking pull request, v0.18.0 release notes, and the vendor advisory.

Official resources

Publicly disclosed in the NVD record on 2026-04-02 and updated on 2026-05-11; the vendor advisory and release notes indicate the issue is patched in vLLM 0.18.0.