CVE-2025-32444

moderate-risk
Published 2025-04-30

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions from 0.6.5 up to but not including 0.8.5 that use the vLLM integration with mooncake are vulnerable to remote code execution, because they use pickle-based serialization over unsecured ZeroMQ sockets. The vulnerable sockets were set to listen on all network interfaces, increasing the likelihood that an attacker is able to reach them and carry out an attack. vLLM instances that do not make use of the mooncake integration are not vulnerable. This issue has been patched in version 0.8.5.
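The two weaknesses named above, arbitrary unpickling of network input and a socket bound to every interface, are both checkable before a service goes live. The following is an added example written for this page, not code from vLLM or Mooncake: a `NoGlobalsUnpickler` that round-trips plain containers but refuses any message that references a module-level object (the path by which a pickle payload reaches code execution), and an `is_loopback_only` check for ZeroMQ-style endpoint strings that flags wildcard binds such as `tcp://*:5555`. Function names and the sample messages are constructed for illustration.

```python
import collections
import io
import ipaddress
import pickle


class NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that rejects every class or function reference.

    Plain scalars and containers (dict, list, tuple, str, int, bytes, ...)
    need no global lookup, so they still round-trip. Any pickle that names a
    module-level object is refused in find_class, before it can be
    instantiated or called.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name}")


def safe_loads(data: bytes):
    """Deserialize an untrusted message without allowing global lookups."""
    return NoGlobalsUnpickler(io.BytesIO(data)).load()


def is_rejected(data: bytes) -> bool:
    """True when safe_loads refuses the message instead of decoding it."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


def is_loopback_only(endpoint: str) -> bool:
    """True when a ZeroMQ-style endpoint cannot be reached from the network.

    ipc:// and inproc:// transports are host-local by construction. For tcp://
    the bind host must be a loopback address or the literal name "localhost";
    wildcards (*, 0.0.0.0, ::) and interface names are treated as exposed.
    """
    transport, _, rest = endpoint.partition("://")
    if transport in ("ipc", "inproc"):
        return True
    if transport != "tcp":
        return False
    host, _, _port = rest.rpartition(":")
    host = host.strip("[]")
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # "*", interface names, hostnames: assume exposed


# Constructed sample messages (not real vLLM/Mooncake traffic).
PLAIN_MESSAGE = pickle.dumps({"request_id": "r1", "tokens": [1, 2, 3]})
# OrderedDict pickles via a global reference, so it exercises find_class.
GLOBAL_MESSAGE = pickle.dumps(collections.OrderedDict(a=1))


if __name__ == "__main__":
    print("plain message decodes:", safe_loads(PLAIN_MESSAGE))
    print("global-referencing message rejected:", is_rejected(GLOBAL_MESSAGE))
    for ep in ("tcp://*:5555", "tcp://0.0.0.0:5555", "tcp://127.0.0.1:5555",
               "tcp://[::1]:5555", "ipc:///tmp/kv.sock"):
        print(f"{ep:24s} loopback-only={is_loopback_only(ep)}")
```

In practice the stronger fix is the one the advisory implies: stop accepting pickle from the network at all and use a schema-bound format (JSON, msgpack, protobuf) on the ZeroMQ channel, with the bind address restricted to the interface the peer actually needs. The unpickler above is a stopgap for code paths that cannot be migrated immediately, and the endpoint check belongs in configuration validation at startup.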

Do I need to act?

EPSS score: ~2.5% chance of exploitation in next 30 days (moderate exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
Fix available. Upgrade to: ba41cc90e8ef7f236347b2f1599eec2cbb9e1f0d
CVSS 10.0/10 Critical (NETWORK / LOW complexity)

Affected Products (1)

Affected Vendors

44 / 100 · moderate-risk
Severity 33/34 · Critical
Exploitability 6/34 · Minimal
Exposure 5/34 · Minimal