GHSA-HJ4W-HM2G-P6W5 vLLM Vulnerable to Remote Code Execution via Mooncake Integration
Impacted Deployments Note that vLLM instances that do NOT make use of the mooncake integration are NOT vulnerable. Description vLLM integration with mooncake is vaulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were...