The vLLM 2026 release arc is a persistence story the server changelog refuses to tell.

The 2026 release arc is anchored by two major minor versions. v0.18.0 shipped late March 2026 (v0.18.1 patch followed March 31) and introduced native gRPC serving behind --grpc, GPU NGram speculative decoding, and KV cache offloading to CPU or disk. v0.19.0 shipped April 2, 2026 (v0.19.1 patch April 18) with async scheduling flipped on by default (overlapping engine scheduling with GPU execution), complete Gemma 4 architecture support across E2B, E4B, 26B MoE, and 31B Dense variants, speculative decoding composed with the async scheduler for zero-bubble overlap, and a patch for CVE-2026-0994 affecting the Completions API endpoint on 0.10.2 and later.

Client-side persistence and cadence. The server features in v0.18 and v0.19 (prefix caching, KV offload, continuous batching, async scheduler) all optimize for a workload shape the client must produce: stable long prefixes, low per-request QPS, and many concurrent long-lived sessions. A client that reopens with a fresh session on every launch, ships one-off prompts, and hits the server once per mouse click cannot hit the sweet spot those features were built for. Fazm ships three client-side mechanisms that produce exactly the shape: session/resume with persisted session IDs at acp-bridge/src/index.ts line 1333, three role-scoped stable system prompts at Desktop/Sources/Providers/ChatProvider.swift lines 1047-1051, and CHAT_OBSERVER_BATCH_SIZE = 10 at acp-bridge/src/index.ts line 1156.

acp-bridge/src/index.ts line 1333, inside the Promise.all pre-warm loop. The call is await acpRequest('session/resume', { sessionId: cfg.resume, cwd: warmCwd, mcpServers: buildMcpServers('act', warmCwd, cfg.key) }). It fires only when cfg.resume is defined (line 1331, if (cfg.resume)). The resume IDs come from UserDefaults: savedMainSessionId at Desktop/Sources/Providers/ChatProvider.swift line 1041 (UserDefaults.standard.string(forKey: mainSessionIdKey)) and savedFloatingSessionId at line 1040. Line 1338 sets sessionId = cfg.resume and line 1341 calls session/set_model right after, because the ACP SDK would otherwise reset the model binding on resume.

vLLM's automatic prefix caching (on by default in the 2026 release line) reuses the KV cache when a new request shares a prefix with a previous one. When Fazm calls session/resume with a persisted sessionId, the entire prior conversation is preserved: same system prompt prefix, same tool trace prefix, same role tokens. A cold-start client that creates a fresh session on every app launch breaks that assumption, because every launch produces a new conversation preamble. With resume, the prefix a session sends after app restart is byte-identical to the prefix it sent before app restart (up to the prior message), which is exactly the worst-case-best-case ratio prefix caching was designed to exploit.

It is a constant declared at acp-bridge/src/index.ts line 1156 with the comment Send batch every N turn pairs. The bufferChatObserverTurn function at line 1158 pushes each role/text turn into chatObserverBuffer (line 1159). The condition at line 1162 fires flushChatObserverBatch when Math.floor(chatObserverBuffer.length / 2) >= 10. The flush at line 1183 splices the entire buffer and line 1184 joins it with join('\n\n') before sending one observer prompt that covers ten turn pairs. For vLLM's continuous batching, this matters because the observer is a low-priority background session; batching 10 turn pairs into one request reduces the observer's QPS by 10x, keeps its prefix stable (same chatObserverSystemPrompt at line 1050), and leaves the continuous-batching slot free for the main and floating sessions that are user-interactive.

As three long-lived clients with very stable prefixes. main and floating are driven by user keystrokes; observer is driven by the 10-turn-pair batch flush. Every Fazm session holds its sessionId across app restarts (via UserDefaults at ChatProvider.swift lines 1040-1041, then replayed via session/resume at index.ts line 1333). vLLM's prefix-cache hit rate on this workload is high because (a) the system-prompt prefix is re-sent every turn byte-identical, (b) the prior-turn trace is byte-identical after resume, (c) the observer batches collapse ten distinct turns into one prompt that still starts with the same chatObserverSystemPrompt prefix. None of the 2026 vLLM blog posts or release notes describe what it takes to produce this shape; they describe the server's reaction to it.

KV cache offloading moves inactive KV entries out of GPU HBM into CPU RAM or disk. For a single-shot REST client, offloading is mostly a memory-pressure knob. For a Fazm-shaped client, it is structural: the observer session sits idle for 10 turn pairs at a time, the floating session sits idle while the user focuses on main, and main sits idle while the user reads the previous response. A 2026 vLLM server with KV offloading can evict those idle sessions' KV tensors to CPU RAM, then reload them when the session sends its next request (identified by sessionId). Without persistent sessionIds on the client, the server has to guess which sessions are reusable. Fazm's session/resume mechanism makes that guess trivial.

v0.19 ships full Google Gemma 4 support across four variants: E2B (effective 2B), E4B (effective 4B), 26B MoE, and 31B Dense. All variants support multimodal inputs, reasoning traces, and native tool-use. Fazm's three pre-warmed sessions at ChatProvider.swift lines 1047-1051 each bind their own model at index.ts line 1366 via session/set_model. A 2026 Fazm deployment could assign main to 31B Dense (best tool-use), floating to E4B (fastest for overlay snippets), and observer to E2B (cheapest for background batches), all served by one vLLM instance. The async scheduler in v0.19 then overlaps their scheduling into one GPU pass, and the prefix cache is partitioned by sessionId.

CVE-2026-0994 is a vulnerability in vLLM's Completions API endpoint affecting 0.10.2 and later. The patch ships in the April 2026 release cycle. For a desktop-agent deployment where vLLM is bound to localhost only, the blast radius is smaller than for a public-internet deployment, but the right answer is always to run v0.19.1 or the backported patch. Fazm's client-side mechanisms (session/resume, three stable prompts, observer batching) are orthogonal to this CVE; they protect the client-side context budget and server-side cache-hit rate, not the server's request-parsing surface. Run both.

Three greps close the loop. rg -n 'session/resume' acp-bridge/src/index.ts locates the resume call at line 1333. rg -n 'CHAT_OBSERVER_BATCH_SIZE' acp-bridge/src/index.ts locates the batching constant at line 1156 and its use at line 1162. rg -n 'warmupSession' Desktop/Sources/Providers/ChatProvider.swift locates the three-role warmup at line 1047, and the three .init(key:...) entries span lines 1048-1050. Four files, zero install.

Fazm's default transport is Anthropic-protocol. The workload shape described in this guide (three concurrent sessions, stable system prompts, persistent sessionIds, observer batching) is the same shape regardless of backend. Pointing Fazm at a local vLLM deployment is an integration exercise; vLLM already exposes an OpenAI-compatible /v1/chat/completions endpoint (and in v0.18 adds gRPC alongside). An Anthropic-to-OpenAI protocol shim plus setting ANTHROPIC_BASE_URL in the ACP subprocess environment is enough. What is permanent is the client-side shape: that code is in git today and it produces a vLLM-friendly workload whether the backend is Claude, a local vLLM, or both.

The SERP treats the server as if it runs in a vacuum. It doesn't. Prefix caching needs prefixes that repeat across requests. Continuous batching needs multiple concurrent long-lived clients. KV offloading needs persistent sessionIds so the server knows which KV slots are reusable. The async scheduler needs per-turn input small enough that engine-side work is not the bottleneck. Any one client failure breaks the whole compounding stack. Fazm's three mechanisms (resume, three prompts, batch size 10) are not features; they are preconditions. v0.18 and v0.19 land at spec only on workloads that satisfy them.