PT-2025-18216 · Zeromq+1

Kexinoh · Published 2025-03-19 · Updated 2026-01-11 · CVE-2025-32444

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: vLLM versions 0.6.5 through 0.8.4

Description: vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. The issue concerns the use of pickle-based serialization over unsecured ZeroMQ sockets when vLLM is integrated with mooncake, leading to remote code execution. The vulnerable sockets were set to listen on all network interfaces, increasing the likelihood of an attack. vLLM instances without mooncake integration are not vulnerable. This issue has been patched in version 0.8.5.

Recommendations: To resolve the issue, update to version 0.8.5 or later. As a temporary workaround, consider disabling the mooncake integration until a patch is applied. Restrict access to the vulnerable ZeroMQ sockets to minimize the risk of exploitation. Avoid using pickle-based serialization over unsecured sockets in the affected API endpoints until the issue is resolved.
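The two weaknesses the description names are a socket bound on every interface and pickle used to decode whatever arrives on it. The following is an added example, not code from the advisory, vLLM or mooncake: a constructed, pyzmq-free check for wildcard tcp:// bind endpoints and a frame decoder that accepts JSON only, with a globals-refusing unpickler as the explicit opt-in fallback for legacy peers. All names and sample frames below are assumptions made for the example.

```python
import io
import json
import pickle
from urllib.parse import urlsplit

# Hosts that make a ZeroMQ tcp:// endpoint listen on all interfaces.
WILDCARD_HOSTS = {"", "*", "0.0.0.0", "::", "[::]"}


def is_exposed_bind(endpoint: str) -> bool:
    """True when a tcp:// endpoint would accept connections from any interface."""
    parts = urlsplit(endpoint)
    if parts.scheme != "tcp":
        return False  # ipc:// and inproc:// are not reachable over the network
    host = parts.netloc.rsplit(":", 1)[0]  # strip the port; keeps "[::]" intact
    return host in WILDCARD_HOSTS


class RefuseGlobals(pickle.Unpickler):
    """Unpickler that refuses every global lookup, so a frame referencing a
    module-level callable or class cannot reconstruct (or invoke) it."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refused global {module}.{name}")


def decode_message(frame: bytes, allow_legacy_pickle: bool = False):
    """Decode one socket frame. JSON is the only accepted encoding; a pickle
    frame (PROTO opcode 0x80, protocol 2+) is decoded only when the caller
    explicitly opts in, and then only under RefuseGlobals."""
    if frame.startswith(b"\x80"):
        if not allow_legacy_pickle:
            raise ValueError("pickle frame rejected: this socket accepts JSON only")
        return RefuseGlobals(io.BytesIO(frame)).load()
    return json.loads(frame.decode("utf-8"))


def classify(frame: bytes, allow_legacy_pickle: bool = False) -> str:
    """Return 'accepted' or 'rejected: <reason>' for one frame."""
    try:
        decode_message(frame, allow_legacy_pickle)
        return "accepted"
    except (ValueError, pickle.UnpicklingError, UnicodeDecodeError) as exc:
        return f"rejected: {exc}"


# Constructed sample frames (not captured traffic): a JSON request, the same
# request as a plain-data pickle, and a pickle carrying a reference to a callable.
JSON_FRAME = json.dumps({"op": "kv_transfer", "blocks": [1, 2, 3]}).encode()
PICKLE_DATA_FRAME = pickle.dumps({"op": "kv_transfer", "blocks": [1, 2, 3]})
PICKLE_CALLABLE_FRAME = pickle.dumps(len)  # resolves via find_class -> refused

if __name__ == "__main__":
    for ep in ("tcp://*:5555", "tcp://127.0.0.1:5555", "ipc:///tmp/kv.sock"):
        print(ep, "exposed" if is_exposed_bind(ep) else "local")
    print(classify(JSON_FRAME), classify(PICKLE_DATA_FRAME),
          classify(PICKLE_CALLABLE_FRAME, allow_legacy_pickle=True))
```

Treating a wildcard bind as a startup error and rejecting pickle frames by default closes both conditions the description relies on; the RefuseGlobals path is a migration aid, not a reason to keep pickle on the wire.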

Exploit · Fix · RCE

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

CVE-2025-32444
GHSA-HJ4W-HM2G-P6W5
GHSA-X3M8-F7G5-QHM7
PYSEC-2025-42

Affected Products

Zeromq
Vllm