2 matches found
CVE-2026-49121
CVE-2026-49121 affects AI Tensor Engine for ROCm (AITER) up to version 0.1.14. The vulnerability exists in the MessageQueue.recv() function in shm_broadcast.py, where an unauthenticated remote attacker can deliver a crafted pickle payload to a ZMQ SUB socket (no authentication, no HMAC, no format...
Remote Code Execution (RCE)
vllm is vulnerable to Remote Code Execution RCE. The vulnerability is due to the use of Python’s pickle module on untrusted data received over a ZeroMQ SUB socket in multi-node deployments using the V0 engine, which allows an attacker to execute arbitrary code on the target machine and potentiall...