CVE-2025-32444

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, increasing the likelihood that an attacker is able to reach the vulnerable ZeroMQ sockets to carry out an attack. vLLM instances that do not make use of the mooncake integration are not vulnerable. This issue has been patched in version 0.8.5.

CVSS v3 10.0 CRITICAL

10.0^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/vllm-project/vllm/blob/32b14baf8a1f7195ca09484de3008063569b43c5/vllm/distributed/kv_transfer/kv_pipe/mooncake_pipe.py#L179
https://github.com/vllm-project/vllm/commit/a5450f11c95847cf51a17207af9a3ca5ab569b2c
https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5
https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7

Configurations

No configuration.

History

30 Apr 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-30 01:15

Updated : 2025-04-30 01:15

NVD link : CVE-2025-32444

Mitre link : CVE-2025-32444

CVE.ORG link : CVE-2025-32444

JSON object : View

Products Affected

No product.

CWE

CWE-502

Deserialization of Untrusted Data

10.0 /10