{"data":{"id":"2fb1c32f-2468-4117-bc37-b2c5a5452dab","title":"CVE-2025-15453: A security vulnerability has been detected in milvus up to 2.6.7. This vulnerability affects the function expr.Exec of t","summary":"A security vulnerability (CVE-2025-15453) exists in Milvus versions up to 2.6.7 in the expr.Exec function, where an attacker can manipulate the code argument to trigger deserialization (converting untrusted data back into executable code), allowing remote exploitation with user credentials. The vulnerability has been publicly disclosed and is rated as medium severity (CVSS 5.3).","solution":"A fix is planned for the next release 2.6.8.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-15453","publishedAt":"2026-01-05T08:15:50.293Z","cveId":"CVE-2025-15453","cweIds":["CWE-20","CWE-502"],"cvssScore":"6.3","cvssSeverity":"medium","severity":"medium","attackType":["model_poisoning"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Milvus"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00022,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-586"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"rag","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}