CVE-2025-60455

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-60455
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code.

8.4 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/modular/modular/blame/main/max/serve/kvcache_agent/kvcache_agent.py#L220 Broken Link
https://github.com/modular/modular/commit/10620059fb5c47fb0c30e5d21a8ff3b8d622fba4 Patch
https://github.com/modular/modular/commit/b20e749fa892dbe772e890a268002f732164d9f5 Patch
https://github.com/modular/modular/commit/ee9c4ab02345dd30bed8b79771b6909ff1b930a1 Patch
https://github.com/modular/modular/issues/4795 Issue Tracking Patch
https://www.oligo.security/blog/shadowmq-how-code-reuse-spread-critical-vulnerabilities-across-the-ai-ecosystem Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:modular:max:*:*:*:*:*:*:*:*
History

08 Jan 2026, 17:02

Type Values Removed Values Added
First Time Modular max
Modular
CPE cpe:2.3:a:modular:max:*:*:*:*:*:*:*:*
References () https://github.com/modular/modular/blame/main/max/serve/kvcache_agent/kvcache_agent.py#L220 - () https://github.com/modular/modular/blame/main/max/serve/kvcache_agent/kvcache_agent.py#L220 - Broken Link
References () https://github.com/modular/modular/commit/10620059fb5c47fb0c30e5d21a8ff3b8d622fba4 - () https://github.com/modular/modular/commit/10620059fb5c47fb0c30e5d21a8ff3b8d622fba4 - Patch
References () https://github.com/modular/modular/commit/b20e749fa892dbe772e890a268002f732164d9f5 - () https://github.com/modular/modular/commit/b20e749fa892dbe772e890a268002f732164d9f5 - Patch
References () https://github.com/modular/modular/commit/ee9c4ab02345dd30bed8b79771b6909ff1b930a1 - () https://github.com/modular/modular/commit/ee9c4ab02345dd30bed8b79771b6909ff1b930a1 - Patch
References () https://github.com/modular/modular/issues/4795 - () https://github.com/modular/modular/issues/4795 - Issue Tracking, Patch
References () https://www.oligo.security/blog/shadowmq-how-code-reuse-spread-critical-vulnerabilities-across-the-ai-ecosystem - () https://www.oligo.security/blog/shadowmq-how-code-reuse-spread-critical-vulnerabilities-across-the-ai-ecosystem - Exploit, Third Party Advisory

19 Nov 2025, 19:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.4
CWE CWE-502

18 Nov 2025, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-11-18 19:15

Updated : 2026-01-08 17:02

NVD link : CVE-2025-60455

Mitre link : CVE-2025-60455

CVE.ORG link : CVE-2025-60455

JSON object : View

Products Affected

modular

  • max
CWE
CWE-502

Deserialization of Untrusted Data