CVE-2025-54412 HIGH

CVE-2025-54412: skops' Inconsistent Trusted Type Validation Enables Hidden `operator` Methods Execution

Vendor Skops-Dev
Product skops
Weakness CWE-351
Published July 26, 2025
Last update July 28, 2025

CVSS base score

8.7/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

skops is a Python library which helps users share and ship their scikit-learn based models. Versions 0.11.0 and below contain a inconsistency in the OperatorFuncNode which can be exploited to hide the execution of untrusted operator methods. This can then be used in a code reuse attack to invoke seemingly safe functions and escalate to arbitrary code execution with minimal and misleading trusted types. This is fixed in version 0.12.0.

Key dates

02Disclosure timeline

July 26, 2025 CVE published
July 28, 2025 Record updated