CVE-2025-29783 — vLLM Allows Remote Code Execution via Mooncake Integration

Description

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. When vLLM is configured to use Mooncake, unsafe deserialization exposed directly over ZMQ/TCP on all network interfaces will allow attackers to execute remote code on distributed hosts. This is a remote code execution vulnerability impacting any deployments using Mooncake to distribute KV across distributed hosts. This vulnerability is fixed in 0.8.0.

How to fix CVE-2025-29783

To remediate CVE-2025-29783, upgrade the affected package to a fixed version below.

—upgrade to 0.8.0 or later
—upgrade to 288ca110f68d23909728627d3100e5a8db820aa2 or later

Is CVE-2025-29783 being exploited?

Low — EPSS is 2.1%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

>= 0.6.5, < 0.8.0
from 0, < 288ca110f68d23909728627d3100e5a8db820aa2 | >= 0.6.5, < 0.8.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.0	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References (6)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-29783
PATCHgithub.com/vllm-project/vllm
WEBgithub.com/pypa/advisory-database/tree/main/vulns/vllm/PYSEC-2025-63.yaml
WEBgithub.com/vllm-project/vllm/commit/288ca110f68d23909728627d3100e5a8db820aa2