2 matches found
CVE-2025-60455
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code...
CVE-2025-60455
Modular Max Serve contains an unsafe deserialization vulnerability (CVE-2025-60455) that can lead to arbitrary code execution when the --experimental-enable-kvcache-agent feature is enabled. Affected versions are prior to 25.6; exploit would require local access (attack vector LOCAL) with no user...