Diffe-Hellman-Merkel key exchange is vulnerable to attacker-in-the-middle attacks.

Eave could just do key negotiation with Alice and separately do key negotiation with Bob. You have to use a slightly more complicated cryptographic protocol to avoid this issue.