CVE-2025-32444

Source
https://cve.org/CVERecord?id=CVE-2025-32444
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-32444.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-32444
Published
2025-04-30T00:25:00.655Z
Modified
2026-04-02T12:48:10.713549Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
vLLM Vulnerable to Remote Code Execution via Mooncake Integration
Details

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions from 0.6.5 up to, but not including, 0.8.5 that use the vLLM integration with Mooncake are vulnerable to remote code execution because they use pickle-based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, which increases the likelihood that an attacker can reach them to carry out an attack. vLLM instances that do not use the Mooncake integration are not vulnerable. This issue has been patched in version 0.8.5.

Database specific
{
    "cwe_ids": [
        "CWE-502"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/32xxx/CVE-2025-32444.json"
}

Affected packages

Git / github.com/vllm-project/vllm

Affected ranges

Type
GIT
Repo
https://github.com/vllm-project/vllm

Affected versions

Other
ci/build/22474
v0.*
v0.10.0
v0.10.0rc1
v0.10.0rc2
v0.10.1
v0.10.1.1
v0.10.1rc1
v0.10.2
v0.10.2rc1
v0.10.2rc2
v0.10.2rc3
v0.11.0
v0.11.0rc1
v0.11.0rc2
v0.11.0rc3
v0.11.0rc4
v0.11.0rc5
v0.11.0rc6
v0.11.1
v0.11.1rc0
v0.11.1rc1
v0.11.1rc2
v0.11.1rc3
v0.11.1rc4
v0.11.1rc5
v0.11.1rc6
v0.11.1rc7
v0.11.2
v0.12.0
v0.13.0
v0.13.0rc1
v0.13.0rc2
v0.13.0rc3
v0.13.0rc4
v0.14.0
v0.14.0rc0
v0.14.0rc1
v0.14.0rc2
v0.14.1
v0.15.0
v0.15.0rc0
v0.15.0rc1
v0.15.0rc2
v0.15.0rc3
v0.15.1
v0.15.1rc1
v0.15.2rc0
v0.16.0
v0.16.0rc0
v0.16.0rc1
v0.16.0rc2
v0.16.0rc3
v0.16.1rc0
v0.17.0
v0.17.0rc0
v0.17.0rc1
v0.17.1
v0.17.1rc0
v0.17.2rc0
v0.18.0
v0.18.0rc0
v0.18.0rc1
v0.18.0rc2
v0.18.1
v0.18.1rc0
v0.18.2rc0
v0.19.0rc0
v0.19.0rc1
v0.6.5
v0.6.6
v0.6.6.post1
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.8.0
v0.8.0rc1
v0.8.0rc2
v0.8.1
v0.8.2
v0.8.3
v0.8.3rc1
v0.8.4
v0.9.0
v0.9.0.1
v0.9.1
v0.9.1rc1
v0.9.1rc2
v0.9.2
v0.9.2rc1
v0.9.2rc2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-32444.json"