| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2025-46560 CVE-2025-32444 CVE-2025-30202 CVE-2025-47277 |
| CWE-ID | CWE-400 CWE-502 CWE-770 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | vLLM (Universal components / Libraries / Libraries used by multiple products) |
| Vendor | vLLM |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU121142
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-46560
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description: The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists in the input preprocessing logic of the multimodal tokenizer. A remote user can pass specially crafted data to the application to trigger resource exhaustion and perform a denial of service (DoS) attack.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: vLLM 0.8.0 - 0.8.4
Vendor advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-vc6m-hm49-g9qg
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU121141
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-32444
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data in the Mooncake integration. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.
Note: only systems with the Mooncake integration are affected.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: vLLM 0.6.5 - 0.8.4
Vendor advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU121140
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-30202
CWE-ID:
CWE-770 - Allocation of Resources Without Limits or Throttling
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists because the application does not properly control consumption of internal resources when processing connection requests. A remote attacker can establish multiple connections to the XPUB socket without reading any data and perform a denial of service attack.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: vLLM 0.5.2 - 0.8.4
Vendor advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-9f8f-2vmf-885j
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU121139
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-47277
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data within the PyNcclPipe service. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.
Note: this vulnerability affects only environments using the PyNcclPipe KV cache transfer integration with the V0 engine.
Mitigation: Install updates from the vendor's website.
Vulnerable software versions: vLLM 0.6.5 - 0.8.4
Vendor advisory: https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.