NVIDIA
NVIDIA
AI Blueprint for Video Search and Summarization
Helm Chart
NVIDIA
NVIDIA
AI Blueprint for Video Search and Summarization

Blueprint for the Video Search and Summarization Agent

Introduction

Advances in AI video understanding and interaction have the potential to revolutionize how we access, analyze, and interact with video content in various domains. These AI models are capable of:

  • Video captioning-Generating text descriptions or summary of videos.
  • Question answering-Answering questions about a video's content.
  • Video retrieval-Finding specific videos (highlights) based on text queries.
  • Action recognition-Identifying actions happening in the video.

The current release of Video Search and Summarization Agent (VSS) demonstrates Video Summarization, Q&A and alerts with accelerated performance on NVIDIA hardware.

Features

VSS supports video upload, live stream support, summarizing on video files, image files and live streams with various configuration options. Features:

  • Faster/Quick Long video processing
  • Image / Multi-Image support
  • Live Stream (RTSP) support
  • Supported file formats: mp4, mkv, jpg, png
  • Supported codecs: h264/h265 video and Opus/Vorbis audio
  • Summarization for videos, images, and live streams
  • Q&A for files, images and live-streams
  • Event & Alerts
  • vLLM acceleration for Cosmos-Reason1 and Cosmos-Reason2
  • Multi Node multiple GPU support
  • Context aware RAG support for enhanced accuracy & Q&A
    • Graph RAG
    • Vector RAG
  • Support for GPT-4o as the VLM and LLM
  • Use OpenAI Compatible hosted VLM models
  • Drop-in support for custom VLMs
  • Guardrails support
  • OpenAI Compatible REST API
  • Multi-stream support
  • Use of Riva ASR based audio transcription in summarization, QnA, and alerts
  • CV pipeline to generate CV metadata and Set of Marks (SOM) Prompting for videos and live streams

Architecture

VSS Architecture

User Guide

User Guide is available at: https://docs.nvidia.com/vss/index.html

NOTE: This project will download and install additional third-party open source software projects. Review the license terms of these open source projects before use.

Deployment Note

The Video Search and Summarization Blueprint is shared as reference and is provided "as is". The security in the production environment is the responsibility of the end users deploying it. When deploying in a production environment, please have security experts review any potential risks and threats; define the trust boundaries, implement logging and monitoring capabilities, secure the communication channels, integrate AuthN & AuthZ with appropriate access controls, keep the deployment up to date, ensure the containers/source code are secure and free of known vulnerabilities. The end users are also responsible for ensuring integrity and authenticity of the models and containers.

Known CVEs

VSS Engine 2.4.1 Container has the following known CVEs:

CVEDescription
GHSA-58pv-8j8x-9vj2This impacts jaraco.context < 6.1.0 python package. This does not affect VSS since it does not install user provided python packages.
CVE-2025-69223This impacts aiohttp < 3.13.3 python package. This does not affect VSS since it gets included as a private package inside ray and ray is not used by VSS.
GHSA-f83h-ghpp-7wccThis impacts pdfminer.six < 20251230 python package. This does not affect VSS since it does not implement PDF parsing.
CVE-2025-68973This impacts gnupg < 2.4.8. This does not affect VSS since it does not implement GPG encryption.
GHSA-mcmc-2m55-j8jj GHSA-mrw7-hf4f-83pf CVE-2025-62372This impacts vLLM < 0.11.1 python package. This does not affect VSS since it does not support user provided embeddings.
CVE-2026-21441This affects urllib3 < 2.6.3 python package. This does not affect VSS since it does not access user provided URLs at runtime.
CVE-2025-3887This impacts GStreamer H.265 codec parser, Malicious malformed streams can cause stack overflow in H.265 codec parser causing the application to crash. Users must take care that malicious H.265 streams are not added to VSS. This can be remedied by building and installing the GStreamer1.24.2 codec parser library after applying the patch mentioned in https://gstreamer.freedesktop.org/security/sa-2025-0001.html.
GHSA-rcfx-77hg-w2wvThis impacts fastmcp < 2.14.0 python package. This does not affect VSS since it already used an updated version of MCP SDK.

VSS Engine 2.4.0 Container (previous version) has the following known CVEs:

CVEDescription
CVE-2024-8966This impacts gradio <= 5.22.0 python package, This impacts the file upload functionality of Gradio UI where an attacker can cause Denial-of-Service (DoS) attack by appending a large number of characters to the end of a multipart boundary. This does not affect VSS since the underlying root cause is already fixed by having a newer version 0.0.18 of python-multipart which does not have this vulnerability.
CVE-2025-4565This impacts protobuf < 4.25.8 python package, This impacts parsing of untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags leading to unbounded recursions and potential Denial-of-Service when protobuf pure-Python backend is used. This does not affect VSS since python backend of protobuf is not used.
CVE-2025-3887This impacts GStreamer H.265 codec parser, Malicious malformed streams can cause stack overflow in H.265 codec parser causing the application to crash. Users must take care that malicious H.265 streams are not added to VSS. This can be remedied by building and installing the GStreamer1.24.2 codec parser library after applying the patch mentioned in https://gstreamer.freedesktop.org/security/sa-2025-0001.html.

GOVERNING TERMS

This blueprint is governed by the NVIDIA Software License Agreement and Product-Specific Terms for NVIDIA AI Products and enables use of separate open source and proprietary software and models governed by their respective licenses: NVIDIA Cosmos-Reason2-8B, NVIDIA Cosmos Reason 1-7B, ReIdentificationNet, Grounding Dino, Facebook Research SAM2, Llama 3.1 70B Instruct NIM, NVIDIA Retrieval QA Llama 3.2 1B Reranking v2 NIM, and NVIDIA Retrieval QA Llama 3.2 1B Embedding v2 NIM. Use of the sample data is governed by the NVIDIA Sample Data License. ADDITIONAL INFORMATION: Apache 2.0 for SAM2. Llama 3.1 Community License Agreement and Llama 3.2 Community License Agreement. Built with Llama.