CVE-2025-29783 — Deserialization of Untrusted Data in Vllm

CWE-502 — Deserialization of Untrusted Data5 documents4 sources

Severity

9.0CRITICALNVD

EPSS

1.7%

top 17.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vllm Vllm-project Vllm

Timeline

PublishedMar 19

Description

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code execution vulnerability impacting any deployments using Mooncake to distribute KV across distributed hosts. This vulnerability is fixed in 0.8.0.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

Affected Packages3 packages

▶NVDvllm/vllm0.6.5 — 0.8.0

▶PyPIvllm/vllm0.6.5 — 0.8.0+1

▶CVEListV5vllm-project/vllm>= 0.6.5, < 0.8.0

Patches

Patch: github.com ↗

🔴Vulnerability Details

OSV

vLLM Allows Remote Code Execution via Mooncake Integration↗2025-03-19

▶

OSV

CVE-2025-29783: vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs↗2025-03-19

▶

GHSA

vLLM Allows Remote Code Execution via Mooncake Integration↗2025-03-19

▶

📋Vendor Advisories

Red Hat

vllm: vLLM Allows Remote Code Execution via Mooncake Integration↗2025-03-19

▶