Vllm Security Vulnerabilities and Issues — Vllm CVE List

Lucene search

Vllm-projectVllm

3 matches found

CVE•added 2025/04/30 1:15 a.m.•163 views

CVE-2025-32444

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerable...

10CVSS9.8AI score0.0077EPSS

CVE•added 2025/04/30 1:15 a.m.•151 views

CVE-2025-46560

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.8.0 and prior to 0.8.5 are affected by a critical performance vulnerability in the input preprocessing logic of the multimodal tokenizer. The code dynamically replaces placeholder tokens (...

7.5CVSS6.6AI score0.00062EPSS

CVE•added 2025/04/30 1:15 a.m.•143 views

CVE-2025-30202

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-node...

7.5CVSS7.7AI score0.00071EPSS