CVE-2025-51427 | THREATINT

Description

An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].

PUBLISHED Reserved 2025-06-16 | Published 2026-05-19 | Updated 2026-05-19 | Assigner mitre

References

github.com/...ure/blob/main/CVE-2025-51427/CVE_2025_51427.md exploit

github.com/modelscope/modelscope/issues/1331

github.com/modelscope/modelscope/pull/1333

github.com/...ure/blob/main/CVE-2025-51427/CVE_2025_51427.md

cve.org (CVE-2025-51427)

nvd.nist.gov (CVE-2025-51427)

Download JSON