CVE-2025-54886HIGH 8.4EPSS p9.6%

CVE-2025-54886CVE-2025-54886

Description

skops is a Python library which helps users share and ship their scikit-learn based models. In versions 0.12.0 and below, the Card.get_model does not contain any logic to prevent arbitrary code execution. The Card.get_model function supports both joblib and skops for model loading. When loading .skops models, it uses skops' secure loading with trusted type validation, raising errors for untrusted types unless explicitly allowed. However, when non-.zip file formats are provided, the function silently falls back to joblib without warning. Unlike skops, joblib allows arbitrary code execution during loading, bypassing security measures and potentially enabling malicious code execution. This issue is fixed in version 0.13.0.

Scoring

CVSS 3.18.4 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.20% probability of exploitation · percentile 9.6% · 2026-06-19T12:03:05Z
Published2025-08-08
Last modified2026-04-15

Underlying weaknesses· 1

CWE-502

References

  1. https://github.com/skops-dev/skops/commit/29d61ea8a92f2bde6830e8f32cc72a1a87211cda
  2. https://github.com/skops-dev/skops/security/advisories/GHSA-378x-6p4f-8jgm

1

TypeTargetConfidenceTier
WeaknessDeserialization of Untrusted Datacwe-5020%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-31224
CVE
CVE-2026-31222
CVE
CVE-2026-31223
CVE
CVE-2025-1550
CVE
CVE-2025-50472
CVE
CVE-2026-7304
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.