CVE-2025-30165: Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host.
References
- github.com/advisories/GHSA-9pcc-gvx5-r5wm
- github.com/vllm-project/vllm
- github.com/vllm-project/vllm/blob/c21b99b91241409c2fdf9f3f8c542e8748b317be/vllm/distributed/device_communicators/shm_broadcast.py
- github.com/vllm-project/vllm/security/advisories/GHSA-9pcc-gvx5-r5wm
- nvd.nist.gov/vuln/detail/CVE-2025-30165