Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

NVD
NVDadded 2025/03/19 4:15 p.m.9 views

CVE-2025-29783

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code...

9CVSS0.02122EPSS
Exploits0References3
OSV
OSVadded 2025/03/19 4:15 p.m.1 views

PYSEC-2025-63

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code...

9CVSS8.3AI score0.02122EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2025/03/19 3:55 p.m.29 views

vLLM Allows Remote Code Execution via Mooncake Integration

Summary When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP will allow attackers to execute remote code on distributed hosts. Details 1. Pickle deserialization vulnerabilities are well documented. 2. The mooncake pipe is exposed over the network by design...

9CVSS9.6AI score0.02122EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2025/03/19 3:33 p.m.269 views

CVE-2025-29783

CVE-2025-29783 affects vLLM when Mooncake is configured for KV distribution across distributed hosts. The root cause is unsafe deserialization via pickle in the mooncake_pipe path exposed over ZMQ/TCP on all network interfaces, allowing remote code execution on affected distributed hosts. Public ...

9CVSS9.8AI score0.02122EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2010/10/03 12:0 a.m.1 views

Oracle Secure Backup Administration preauth Variable Command Injection (CVE-2010-0906)

Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The server allowsfor single point of management of data present on network attached storage NAS devices and distributed hostswhich may have different operating systems. A command execution vulnerability...

9CVSS7.1AI score0.00424EPSS
Exploits12
Check Point Advisories
Check Point Advisoriesadded 2010/09/05 12:0 a.m.3 views

Oracle Secure Backup observiced.exe Buffer Overflow (CVE-2010-0072)

Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The server allowsfor single point of management of data present on network attached storage NAS devices and distributed hostswhich may have different operating systems. A stack buffer overflow vulnerability...

10CVSS7.2AI score0.10259EPSS
Exploits0
Rows per page
Query Builder