CVE-2025-51427 - Vulnerability Details

- ModelScope: ModelScope: Arbitrary code execution via crafted configuration module

Description

An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].

Published: 2026-05-19

Score: 7.3 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An arbitrary code execution vulnerability exists in ModelScope 1.25.0. The flaw allows an attacker to create a malicious entry under the ['nnet']['module'] key in the dey_mini.yaml configuration file, causing the application to load and run code supplied by the attacker. This can compromise the confidentiality, integrity, and availability of the host system.

Affected Systems

ModelScope version 1.25.0 is affected. No additional vendors or product versions are listed in CNA data, and no other releases are known to be impacted.

Risk and Exploitability

The CVSS score of 7.3 indicates a high severity risk. The EPSS score is less than 1%, suggesting that exploitation is considered unlikely, yet the vulnerability is still present. Because the code is executed through manipulated configuration, the attack requires write access to dey_mini.yaml or the ability to influence its contents, which may be possible in environments where configuration files are writable by untrusted users or processes. The vulnerability is not listed in the CISA KEV catalog, implying no known active exploitation at this time.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

No data.

Vendor Product Confidence Versions

Modelscope

80%

Version	Status	Scheme	Platform
`1.25.0`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade to the latest ModelScope release that includes the patch from the fix in pull/1333.
Remove or lock the dey_mini.yaml file so that only privileged administrators can edit it, preventing unauthorized module definitions.
Add input validation to the configuration parser so that only an approved list of module names can be specified, rejecting or sanitizing any non‑whitelisted entries.

Generated by OpenCVE AI on May 28, 2026 at 02:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Github GHSA	GHSA-fhhq-h4hg-549x	ModelScope is vulnerable to arbitrary code injection via a crafted module

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00045.

Exploitation poc

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/JIRUWOZHI/vulnerability-disclosure/blob/main/CVE-2025-51427/CVE_2025_51427.md
https://github.com/modelscope/modelscope/issues/1331
https://github.com/modelscope/modelscope/pull/1333
https://nvd.nist.gov/vuln/detail/CVE-2025-51427
https://www.cve.org/CVERecord?id=CVE-2025-51427

History

Thu, 28 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Title	Arbitrary Code Execution via Malicious Module Configuration in ModelScope 1.25.0	ModelScope: ModelScope: Arbitrary code execution via crafted configuration module
Weaknesses		CWE-502
References		https://nvd.nist.gov/vuln/detail/CVE-2025-51427 https://www.cve.org/CVERecord?id=CVE-2025-51427
Metrics	threat_severity `None`	threat_severity `Important`

Wed, 20 May 2026 11:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Modelscope Modelscope modelscope
Vendors & Products		Modelscope Modelscope modelscope

Tue, 19 May 2026 17:15:00 +0000

Type	Values Removed	Values Added
Title		Arbitrary Code Execution via Malicious Module Configuration in ModelScope 1.25.0

Tue, 19 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-94
Metrics		cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 19 May 2026 14:30:00 +0000

Type	Values Removed	Values Added
Description		An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].
References		https://github.com/JIRUWOZHI/vulnerability-disclosure/blob/main/CVE-2025-51427/CVE_2025_51427.md https://github.com/modelscope/modelscope/issues/1331 https://github.com/modelscope/modelscope/pull/1333

Subscriptions

Modelscope Modelscope

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-05-19T00:00:00.000Z

Updated: 2026-05-19T14:34:18.238Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-51427

Vulnrichment

Updated: 2026-05-19T14:34:11.621Z

NVD

Status : Deferred

Published: 2026-05-19T15:16:27.030

Modified: 2026-05-19T18:04:29.373

Link: CVE-2025-51427

Redhat

Severity : Important

Publid Date: 2026-05-19T00:00:00Z

Links: CVE-2025-51427 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-28T02:15:04Z

Weaknesses

CWE-502
Deserialization of Untrusted Data
CWE-94
Improper Control of Generation of Code ('Code Injection')

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Exploitation poc

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object