Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Vllm-projectVllm

3 matches found

CVE
CVEadded 2025/03/19 4:15 p.m.209 views

CVE-2025-29783

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code execu...

9CVSS9.8AI score0.00745EPSS
CVE
CVEadded 2025/05/20 6:15 p.m.160 views

CVE-2025-47277

vLLM, an inference and serving engine for large language models (LLMs), has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the PyNcclPipe KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of the PyNcclPipe cl...

9.8CVSS9.5AI score0.0007EPSS
CVE
CVEadded 2025/03/20 10:15 a.m.112 views

CVE-2024-9053

vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which directly uses cloudpickle.loads() on received messages without any sanitization. This can result in ...

9.8CVSS9.7AI score0.00641EPSS