Description
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via a crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].
Published: 2026-05-19
Score: 7.3 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An arbitrary code execution vulnerability was identified in ModelScope 1.25.0. The flaw arises when an attacker crafts a malicious entry for the ['nnet']['module'] key in the dey_mini.yaml configuration file. By inserting an attacker‑controlled module definition, the application loads and executes code that is under the attacker’s control, potentially compromising the entire system.

Affected Systems

ModelScope, version 1.25.0, is affected. No other vendors or product versions are listed in the CNA data, and no additional affected releases are known at this time.

Risk and Exploitability

The vulnerability allows arbitrary code execution. Its CVSS score is 7.3 (High), while the EPSS score is unavailable. Because code is executed through configuration manipulation, attackers would need the ability to write to the dey_mini.yaml file or otherwise influence its contents, suggesting that the risk is greatest in environments where configuration files are writable by untrusted users or processes. The vulnerability is not yet listed in the CISA KEV catalog, indicating no known active exploitation at this point.

Generated by OpenCVE AI on May 19, 2026 at 16:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest release of ModelScope that contains the fix (for example, the recent commit referenced in pull/1333).
  • Restrict file‑system permissions on dey_mini.yaml so that only trusted system processes and administrators can modify it.
  • Implement validation to ensure that only approved module names are allowed in the configuration; reject or sanitize any entry that is not on the allowlist.
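
The last two recommendations can be enforced at the point where the configuration is consumed. The following is an added example, not ModelScope's own code: it assumes the YAML has already been parsed into a dict, and the allowlisted module names and all function names are hypothetical.

```python
import importlib
import os
import re
import stat

# Assumption: the only modules this deployment should ever load (hypothetical names).
APPROVED_MODULES = frozenset({"approved_pkg.nnet.model_a", "approved_pkg.nnet.model_b"})
_DOTTED_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)*")


class ConfigRejected(ValueError):
    """Raised when the configuration must not be acted on."""


def approved_module_name(config):
    """Return config['nnet']['module'] only if it is an allowlisted dotted name."""
    nnet = config.get("nnet") if isinstance(config, dict) else None
    name = nnet.get("module") if isinstance(nnet, dict) else None
    # Reject non-strings (lists, mappings) and anything that is not a plain
    # dotted identifier, such as file paths or relative imports.
    if not isinstance(name, str) or not _DOTTED_NAME.fullmatch(name):
        raise ConfigRejected("nnet.module is missing or not a plain dotted name")
    # Exact match only: an importable but unapproved module is still refused.
    if name not in APPROVED_MODULES:
        raise ConfigRejected(f"nnet.module {name!r} is not on the allowlist")
    return name


def config_file_is_locked_down(path):
    """True if path is a regular file (not a symlink) without group/other write bits."""
    st = os.lstat(path)
    return stat.S_ISREG(st.st_mode) and not (st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))


def load_nnet_module(config, path, importer=importlib.import_module):
    """Import the configured module only after both checks pass."""
    if not config_file_is_locked_down(path):
        raise ConfigRejected(f"{path} is writable by group/other or is not a regular file")
    return importer(approved_module_name(config))
```

The permission check only inspects mode bits on the file itself; ownership and the permissions of its parent directories need the same review.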

Advisories

No advisories yet.

History

Tue, 19 May 2026 17:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Title | | Arbitrary Code Execution via Malicious Module Configuration in ModelScope 1.25.0 |

Tue, 19 May 2026 15:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Weaknesses | | CWE-94 |
| Metrics | | cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}; ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Tue, 19 May 2026 14:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via a crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module']. |
| References | | |

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-19T14:34:18.238Z

Reserved: 2025-06-16T00:00:00.000Z

Link: CVE-2025-51427

Vulnrichment

Updated: 2026-05-19T14:34:11.621Z

NVD

Status: Deferred

Published: 2026-05-19T15:16:27.030

Modified: 2026-05-19T18:04:29.373

Link: CVE-2025-51427

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-19T17:00:12Z

Weaknesses