Lucene search
+L

4 matches found

Circl
Circl
added 2025/04/30 3:30 a.m.27 views

CVE-2025-30202

creationtimestamp| type| source ---|---|--- 2025-04-30 03:30:38+00:00| published-proof-of-concept| Telegram/hbVDftoo7cklg62Gdj6otKY7hUkOaO8wH7xugOEL8u8l2Gc 2025-04-30 03:50:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnyvdl4h4h2l 2025-04-30 05:22:33+00:00| seen|...

7.5CVSS7.3AI score0.00505EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/30 12:24 a.m.52 views

CVE-2025-30202 Data exposure via ZeroMQ on multi-node vLLM deployment

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...

7.5CVSS0.00505EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/04/30 12:24 a.m.6 views

CVE-2025-30202 Data exposure via ZeroMQ on multi-node vLLM deployment

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...

7.5CVSS7.7AI score0.00505EPSS
Exploits1References3
CVE
CVE
added 2025/04/30 12:24 a.m.225 views

CVE-2025-30202

CVE-2025-30202 affects vLLM versions 0.5.2 up to 0.8.4 (prior to 0.8.5) in multi-node deployments. The root cause is an XPUB ZeroMQ socket bound to ALL interfaces on the primary host used for tensor parallelism, which can be accessed by any client with network access. This allows potential data e...

7.5CVSS7.7AI score0.00505EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder