7 matches found
CVE-2025-32444 vulnerabilities
Vulnerabilities for packages: py3.10-vllm-cuda-12.6...
CVE-2025-32444
A flaw was found in the vllm component. The affected versions of vllm having vLLM integration with mooncake are vulnerable to remote code execution due to pickle-based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, increasing the...
CVE-2025-32444
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
CVE-2025-32444
creationtimestamp| type| source ---|---|--- 2025-04-30 01:07:10+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114424232674350194 2025-04-30 01:48:36+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114424395593995699 2025-04-30 03:30:38+00:00|...
CVE-2025-32444
vLLM (0.6.5–0.8.4) with mooncake integration is vulnerable to remote code execution due to pickle-based serialization over unsecured ZeroMQ sockets that were listening on all interfaces. This could be exploited remotely; non-mooncake deployments are not affected. The issue is fixed in vLLM 0.8.5....
CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...