CVE-2025-50460 · CRITICAL 9.8 · EPSS p81.3%

Description

A remote code execution (RCE) vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py, which loads a YAML file with yaml.load() from the PyYAML library (versions <= 5.3.1). If an attacker can control the content of the YAML configuration file passed to the --run_config parameter, arbitrary code can be executed during deserialization. This can lead to full system compromise. The vulnerability is triggered when a malicious YAML file is loaded, allowing the execution of arbitrary Python commands such as os.system(). It is recommended to upgrade PyYAML to version 5.4 or higher, and to use yaml.safe_load() to mitigate the issue.
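As an added illustration of the mitigation the description recommends (not code from ms-swift or the advisory): the unsafe yaml.load() pattern beside a hardened safe_load() replacement, run against a constructed run-config document that carries a python-specific YAML tag. It assumes PyYAML is installed; the config field names and both YAML documents are made up for the example.

```python
"""Added example, not code from ms-swift or the advisory: the unsafe loader
pattern described for tests/run.py beside a hardened replacement, checked
against a config document that carries a python-specific YAML tag.
Assumes PyYAML is installed; both YAML documents below are constructed."""
import yaml

# Constructed: the kind of plain run config a --run_config file is meant to hold.
BENIGN_CONFIG = """
model: example-model
gpus: [0, 1]
epochs: 3
"""

# Constructed: a document with a python/* tag. Full/Unsafe loaders map such
# tags onto Python types and callables; SafeLoader has no constructor for them.
TAGGED_CONFIG = """
model: !!python/tuple [example-model, 7]
"""


def load_run_config_unsafe(text: str):
    """The pattern the advisory describes. Before PyYAML 5.4, yaml.load()
    without a Loader fell back to FullLoader, which still resolved python/*
    tags; the Loader is spelled out here only so the call runs on PyYAML 6."""
    return yaml.load(text, Loader=yaml.FullLoader)  # vulnerable pattern: do not use


def load_run_config(text: str) -> dict:
    """Hardened loader: safe_load builds only plain data (mappings, sequences,
    scalars) and refuses every tag outside the core YAML schema."""
    data = yaml.safe_load(text)
    if not isinstance(data, dict):
        raise ValueError("run config must be a YAML mapping")
    return data


def safe_loader_rejects(text: str) -> bool:
    """True if the hardened loader refuses the document (ConstructorError)
    rather than constructing objects from it."""
    try:
        load_run_config(text)
    except yaml.constructor.ConstructorError:
        return True
    return False


if __name__ == "__main__":
    print(load_run_config(BENIGN_CONFIG))
    print("tagged document rejected:", safe_loader_rejects(TAGGED_CONFIG))
```

Both loaders return the same mapping for the benign file; only the safe loader refuses the tagged one, which is the property a reviewer should check for every config path that reaches yaml.load().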

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.33% probability of exploitation · percentile 81.3% · 2026-06-19T12:03:05Z
Published: 2025-08-01
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-502

References

  1. https://github.com/Anchor0221/CVE-2025-50460
  2. https://github.com/advisories/GHSA-6757-jp84-gxfx
  3. https://github.com/modelscope/ms-swift
  4. https://github.com/modelscope/ms-swift/blob/main/tests/run.py#L420

Type      Target                              Confidence  Tier
Weakness  Deserialization of Untrusted Data   cwe-502 · 0%  live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2025-50472
  - CVE-2025-55232
  - CVE-2025-40908
  - CVE-2025-54897
  - CVE-2025-2000
  - CVE-2025-60455
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.