Vulnerability Description
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote code execution due to using pickle based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, increasing the likelihood that an attacker is able to reach the vulnerable ZeroMQ sockets to carry out an attack. vLLM instances that do not make use of the mooncake integration are not vulnerable. This issue has been patched in version 0.8.5.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vllm | Vllm | >= 0.6.5, < 0.8.5 |
Related Weaknesses (CWE)
References
- https://github.com/vllm-project/vllm/blob/32b14baf8a1f7195ca09484de3008063569b43Product
- https://github.com/vllm-project/vllm/commit/a5450f11c95847cf51a17207af9a3ca5ab56Patch
- https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5ExploitVendor Advisory
- https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7Not Applicable
FAQ
What is CVE-2025-32444?
CVE-2025-32444 is a vulnerability with a CVSS score of 10.0 (CRITICAL). vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.6.5 and prior to 0.8.5, having vLLM integration with mooncake, are vulnerable to remote c...
How severe is CVE-2025-32444?
CVE-2025-32444 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-32444?
Check the references section above for vendor advisories and patch information. Affected products include: Vllm Vllm.