{"vulnerability": "CVE-2025-47277", "sightings": [{"uuid": "a065fe8a-eae0-41a3-bdb8-7f0625af66dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47277", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17023", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47277\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: vLLM, an inference and serving engine for large language models (LLMs), has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the `PyNcclPipe` KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of the\u00a0`PyNcclPipe`\u00a0class to establish a peer-to-peer communication domain for data transmission between distributed nodes. The GPU-side KV-Cache transmission is implemented through the\u00a0`PyNcclCommunicator`\u00a0class, while CPU-side control message passing is handled via the\u00a0`send_obj`\u00a0and\u00a0`recv_obj`\u00a0methods on the CPU side.\u200b The intention was that this interface should only be exposed to a private network using the IP address specified by the `--kv-ip` CLI parameter. The vLLM documentation covers how this must be limited to a secured network. The default and intentional behavior from PyTorch is that the `TCPStore` interface listens on ALL interfaces, regardless of what IP address is provided. The IP address given was only used as a client-side address to use. vLLM was fixed to use a workaround to force the `TCPStore` instance to bind its socket to a specified private interface. As of version 0.8.5, vLLM limits the `TCPStore` socket to the private interface as configured.\n\ud83d\udccf Published: 2025-05-20T17:32:27.034Z\n\ud83d\udccf Modified: 2025-05-20T17:32:27.034Z\n\ud83d\udd17 References:\n1. https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv\n2. https://github.com/vllm-project/vllm/pull/15988\n3. https://github.com/vllm-project/vllm/commit/0d6e187e88874c39cda7409cf673f9e6546893e7\n4. https://docs.vllm.ai/en/latest/deployment/security.html", "creation_timestamp": "2025-05-20T17:43:46.000000Z"}, {"uuid": "9e45ec91-eb81-435f-a4a0-47165956740b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-47277", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lq443nugt42d", "content": "", "creation_timestamp": "2025-05-26T21:20:10.248609Z"}, {"uuid": "e32fc259-4df8-436e-8339-b0310d12bc5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47277", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3lppj3lewon2w", "content": "", "creation_timestamp": "2025-05-21T21:08:09.721426Z"}, {"uuid": "97fff8b9-e456-4d3d-8641-f96a0e52d4bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47277", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114541634791270960", "content": "", "creation_timestamp": "2025-05-20T18:44:05.163924Z"}, {"uuid": "84ea34d6-3c55-4cb8-bdc9-1cc8bec2e254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47277", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lq7zahbg322m", "content": "", "creation_timestamp": "2025-05-28T10:39:50.816826Z"}]}