Lucene search
+L

7 matches found

Chainguard
Chainguard
added 2025/05/02 7:14 p.m.36 views

CVE-2025-32444 vulnerabilities

Vulnerabilities for packages: py3.10-vllm-cuda-12.6...

10CVSS7.2AI score0.01478EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/04/30 10:42 a.m.12 views

CVE-2025-32444

A flaw was found in the vllm component. The affected versions of vllm having vLLM integration with mooncake are vulnerable to remote code execution due to pickle-based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, increasing the...

10CVSS9.7AI score0.01478EPSS
Exploits1References7
NVD
NVD
added 2025/04/30 1:15 a.m.49 views

CVE-2025-32444

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...

10CVSS0.01478EPSS
Exploits1References4
Circl
Circl
added 2025/04/30 1:7 a.m.9 views

CVE-2025-32444

creationtimestamp| type| source ---|---|--- 2025-04-30 01:07:10+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114424232674350194 2025-04-30 01:48:36+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114424395593995699 2025-04-30 03:30:38+00:00|...

10CVSS8.6AI score0.01478EPSS
Exploits1References12
CVE
CVE
added 2025/04/30 12:25 a.m.242 views

CVE-2025-32444

vLLM (0.6.5–0.8.4) with mooncake integration is vulnerable to remote code execution due to pickle-based serialization over unsecured ZeroMQ sockets that were listening on all interfaces. This could be exploited remotely; non-mooncake deployments are not affected. The issue is fixed in vLLM 0.8.5....

10CVSS9.8AI score0.01478EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/04/30 12:25 a.m.51 views

CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...

10CVSS0.01478EPSS
Exploits1References4
OSV
OSV
added 2025/04/30 12:25 a.m.20 views

CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...

10CVSS8.8AI score0.01478EPSS
Exploits1References6
Rows per page
Query Builder