CVE-2025-29783

CRITICAL LAB

Vllm < 0.8.0 - Insecure Deserialization

Title source: rule

Description

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code execution vulnerability impacting any deployments using Mooncake to distribute KV across distributed hosts. This vulnerability is fixed in 0.8.0.

Exploits (1)

github WORKING POC

by manus-use · postscriptpoc

https://github.com/manus-use/cve-pocs/tree/main/vllm-CVE-2025-29783

View Code ZIP pw:eip

References (3)

[Patch] https://github.com/vllm-project/vllm/commit/288ca110f68d23909728627d3100e5a8db820aa2

View Patch ZIP pw:eip

[Issue Tracking, Vendor Advisory] https://github.com/vllm-project/vllm/pull/14228

[Vendor Advisory] https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7

Scores

CVSS v3 9.0

EPSS 0.0170

EPSS Percentile 82.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull nvidia/cuda:11.8.0-cudnn8-devel-ubuntu22.04

https://github.com/vllm-project/vllm

https://github.com/manus-use/cve-pocs

View in Library

Details

CWE

CWE-502

Status published

Products (2)

pypi/vllm 0.6.5 - 0.8.0PyPI

vllm/vllm 0.6.5 - 0.8.0

Published Mar 19, 2025

Tracked Since Feb 18, 2026