6 matches found
CVE-2025-29783 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm, py3.10-vllm-cuda-11.8...
CVE-2025-29783
creationtimestamp| type| source ---|---|--- 2025-03-19 16:40:23+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lkqmqrrvxt2p 2025-03-19 17:27:23+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114190269963714967 2025-03-19 17:30:32+00:00| published-proof-of-concept|...
CVE-2025-29783
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code...
CVE-2025-29783
CVE-2025-29783 affects vLLM when Mooncake is configured for KV distribution across distributed hosts. The root cause is unsafe deserialization via pickle in the mooncake_pipe path exposed over ZMQ/TCP on all network interfaces, allowing remote code execution on affected distributed hosts. Public ...
CVE-2025-29783 vLLM Allows Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code...
CVE-2025-29783 vLLM Allows Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code...