4 matches found
CVE-2025-30202
creationtimestamp| type| source ---|---|--- 2025-04-30 03:30:38+00:00| published-proof-of-concept| Telegram/hbVDftoo7cklg62Gdj6otKY7hUkOaO8wH7xugOEL8u8l2Gc 2025-04-30 03:50:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnyvdl4h4h2l 2025-04-30 05:22:33+00:00| seen|...
CVE-2025-30202 Data exposure via ZeroMQ on multi-node vLLM deployment
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...
CVE-2025-30202 Data exposure via ZeroMQ on multi-node vLLM deployment
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...
CVE-2025-30202
CVE-2025-30202 affects vLLM versions 0.5.2 up to 0.8.4 (prior to 0.8.5) in multi-node deployments. The root cause is an XPUB ZeroMQ socket bound to ALL interfaces on the primary host used for tensor parallelism, which can be accessed by any client with network access. This allows potential data e...