CVE-2025-58756

Source
https://cve.org/CVERecord?id=CVE-2025-58756
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58756.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-58756
Aliases
Published
2025-09-08T23:39:55.508Z
Modified
2026-05-20T08:11:11.558580375Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
MONAI's unsafe torch usage may lead to arbitrary code execution
Details

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in model_dict = torch.load(full_path, map_location=torch.device(device), weights_only=True) in monai/bundle/scripts.py , weights_only=True is loaded securely. However, insecure loading methods still exist elsewhere in the project, such as when loading checkpoints. This is a common practice when users want to reduce training time and costs by loading pre-trained models downloaded from other platforms. Loading a checkpoint containing malicious content can trigger a deserialization vulnerability, leading to code execution. As of time of publication, no known fixed versions are available.

Database specific
{
    "cwe_ids": [
        "CWE-502"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/58xxx/CVE-2025-58756.json"
}
References

Affected packages

Git / github.com/project-monai/monai

Affected ranges

Type
GIT
Repo
https://github.com/project-monai/monai
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.5.0"
        }
    ]
}

Affected versions

0.*
0.1.0
0.1.0rc1
0.1.0rc2
0.1a1.dev7
0.1a1.dev8
0.1a1.dev9
0.2.0
0.2.0rc1
0.2.0rc2
0.2.0rc3
0.3.0
0.3.0rc1
0.3.0rc2
0.3.0rc3
0.3.0rc4
0.4.0
0.4.0rc1
0.4.0rc2
0.5.0
0.5.0rc1
0.5.0rc2
0.5.0rc3
0.5.0rc4
0.5.0rc5
0.5.1
0.5.2
0.6.0
0.6.0rc1
0.6.0rc2
0.7.0
0.7.0rc1
0.7.0rc2
0.7.0rc3
0.7.0rc4
0.7.0rc5
0.8.0
0.8.0rc1
0.8.0rc2
0.8.0rc3
0.8.1
0.8.1rc1
0.8.1rc2
0.8.1rc3
0.8.1rc4
0.8.1rc5
0.9.0
0.9.0rc1
0.9.0rc2
0.9.0rc3
0.9.1
0.9.1rc1
0.9.1rc2
0.9.1rc3
0.9.1rc4
0.9.1rc5
1.*
1.0.0rc1
1.0.0rc2
1.0.0rc3
1.1.0
1.1.0rc1
1.1.0rc2
1.2.0
1.2.0rc1
1.2.0rc2
1.2.0rc4
1.2.0rc5
1.2.0rc6
1.2.0rc7
1.3.0
1.3.0rc1
1.3.0rc2
1.3.0rc3
1.3.0rc4
1.3.0rc5
1.3.1
1.3.1rc1
1.3.1rc2
1.3.1rc3
1.3.1rc4
1.3.1rc5
1.3.1rc6
1.3.1rc7
1.3.1rc8
1.3.3rc1
1.4.0
1.4.0rc1
1.4.0rc10
1.4.0rc11
1.4.0rc12
1.4.0rc2
1.4.0rc3
1.4.0rc4
1.4.0rc5
1.4.0rc6
1.4.0rc7
1.4.0rc8
1.4.0rc9
1.4.1rc1
1.5.0
1.5.0rc1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58756.json"