10 matches found
EUVD-2025-13625
Malicious code in bioql PyPI...
CVE-2025-30165 Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...
PYSEC-2025-42
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
CVE-2025-32444
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
PYSEC-2025-42
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
CVE-2025-32444 vLLM Vulnerable to Remote Code Execution via Mooncake Integration
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerab...
PT-2025-18216
Name of the Vulnerable Software and Affected Versions vLLM versions 0.6.5 through 0.8.4 Description vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. The issue concerns the use of pickle-based serialization over unsecured ZeroMQ sockets when vLLM is integrated...
PT-2024-33890
Name of the Vulnerable Software and Affected Versions Llama Stack versions prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 Meta Llama Framework affected versions not specified Description Llama Stack, prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005, used Pickle as a...