1  info:
 2    name: vllm
 3    cve: CVE-2025-24357
 4    summary: Malicious model remote code execution fix bypass with PyTorch < 2.6.0
 5    details: |
 6      Loading a malicious model could result in code execution on the vllm host. The fix applied to specify `weights_only=True` to calls to `torch.load()` did not solve the problem prior to PyTorch 2.6.0.
 7      This means that versions of vLLM using PyTorch before 2.6.0 are vulnerable to this problem.
 8    cvss: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
 9    severity: CRITICAL
10    security_advise: |
11      1. Upgrade to PyTorch version 2.6.0 or higher.
12      2. Ensure that all installations of vLLM use a secure version of PyTorch as specified in the official documentation.
13  rule: version < "0.8.0"
14  references:
15    - https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6
16    - https://github.com/vllm-project/vllm/security/advisories/GHSA-ggpf-24jw-3fcw
17    - https://github.com/vllm-project/vllm/security/advisories/GHSA-rh4j-5rhw-hr54
18    - https://github.com/vllm-project/vllm