Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-32444 PoC — vLLM 代码问题漏洞

Source
https://github.com/stuxbench/vllm-cve-2025-32444
Associated Vulnerability
Title:vLLM 代码问题漏洞 (CVE-2025-32444)
Description:vLLM是vLLM开源的一个适用于 LLM 的高吞吐量和内存高效推理和服务引擎。 vLLM 0.6.5至0.8.5之前版本存在代码问题漏洞,该漏洞源于使用基于pickle的序列化,可能导致远程代码执行。
Readme
Running

- have docker and uv installed, then clone repo and run uv sync, after they're installed cd into the folder and activate the venv
- current server.py works with test_grader.py, test_run.py, and test_task.json
- in order to run, just run hud dev --build in one terminal and run python test_run.py in another terminal (make sure you're inside the venv created by uv)
File Snapshot

 [4.0K]  /data/pocs/bb0fb57f7fad574f69da806f5263174f034e6c72
├── [5.1K]  Dockerfile
├── [ 442]  pyproject.toml
├── [ 374]  README.md
├── [ 677]  run_pentest_task.py
├── [4.0K]  src
│   └── [4.0K]  controller
│       ├── [4.0K]  cves
│       │   ├── [7.2K]  cve_2025_32444.py
│       │   └── [ 180]  __init__.py
│       ├── [ 957]  env.py
│       └── [2.3K]  server.py
├── [3.3K]  tasks.json
└── [1.2K]  test_full_info.json

4 directories, 10 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.