ShadowMQ: How Code Reuse Spread Critical Vulnerabilities Across the AI Ecosystem www.oligo.security/blog/shad…
In the race to make the adoption of AI faster, it is necessary to make AI infrastructure safer. Over the past year, Oligo Security’s research team disclosed a series of critical Remote Code Execution (RCE) vulnerabilities lurking inside some of the most widely used AI inference servers, including frameworks from Meta, NVIDIA, Microsoft, and PyTorch projects like vLLM and SGLang.
These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python’s pickle deserialization. But what surprised us the most wasn’t the bug itself. It was how it spread. As we dug deeper, we found that code files were copied between projects (sometimes line-for-line) carrying dangerous patterns from one repository to the next.
We call this pattern ShadowMQ: a hidden communication-layer flaw propagated through code reuse in the modern AI stack.
