Home > Vulnerability Database > CVE-2025-24357

Mend.io Vulnerability Database

CVE-2025-24357

Good to know:

Date: January 27, 2025

vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py implements hf_model_weights_iterator to load the model checkpoint, which is downloaded from huggingface. It uses the torch.load function and the weights_only parameter defaults to False. When torch.load loads malicious pickle data, it will execute arbitrary code during unpickling. This vulnerability is fixed in v0.7.0.

Severity Score

7.5

Related Resources (9)

Url: https://github.com/vllm-project/vllm/pull/12366

Url: https://github.com/pypa/advisory-database/tree/main/vulns/vllm/PYSEC-2025-58.yaml

Url: https://pytorch.org/docs/stable/generated/torch.load.html

Url: https://github.com/vllm-project/vllm/security/advisories/GHSA-rh4j-5rhw-hr54

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-24357

Url: https://github.com/vllm-project/vllm/commit/d3d6bb13fb62da3234addf6574922a4ec0513d04

Url: https://github.com/vllm-project/vllm

Url: https://github.com/vllm-project/vllm/releases/tag/v0.7.0

Url: https://www.mend.io/vulnerability-database/CVE-2025-24357

Severity Score

7.5

Weakness Type (CWE)

Deserialization of Untrusted Data

CWE-502

Top Fix

Upgrade Version

Upgrade to version vllm - 0.7.0

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-24357

Good to know:

Date: January 27, 2025

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?