{"id":"PYSEC-2025-63","details":"vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code execution vulnerability impacting any deployments using Mooncake to distribute KV across distributed hosts. This vulnerability is fixed in 0.8.0.","aliases":["CVE-2025-29783","GHSA-x3m8-f7g5-qhm7"],"modified":"2025-07-01T23:59:56.271533Z","published":"2025-03-19T16:15:32Z","references":[{"type":"REPORT","url":"https://github.com/vllm-project/vllm/pull/14228"},{"type":"ADVISORY","url":"https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7"},{"type":"FIX","url":"https://github.com/vllm-project/vllm/commit/288ca110f68d23909728627d3100e5a8db820aa2"}],"affected":[{"package":{"name":"vllm","ecosystem":"PyPI","purl":"pkg:pypi/vllm"},"ranges":[{"type":"GIT","repo":"https://github.com/vllm-project/vllm","events":[{"introduced":"0"},{"fixed":"288ca110f68d23909728627d3100e5a8db820aa2"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0.6.5"},{"fixed":"0.8.0"}]}],"versions":["0.6.5","0.6.6","0.6.6.post1","0.7.0","0.7.1","0.7.2","0.7.3"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/vllm/PYSEC-2025-63.yaml"}}],"schema_version":"1.7.3"}