CVE-2025-50461: A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/model_merger.py script wh
Summary
Volcengine's verl 3.0.0 has a deserialization vulnerability (unsafe loading of data structures from untrusted files) in its model_merger.py script that uses torch.load() with weights_only=False, allowing attackers to execute arbitrary code (run commands without authorization) if a victim loads a malicious model file. An attacker can exploit this by tricking a user into downloading and using a specially crafted .pt file, potentially gaining full control of the victim's system.
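A defensive pre-load check for the issue summarized above, as an added example that is not verl's or PyTorch's code: it lists the globals a .pt file's pickle stream would import, without unpickling it. The allowlist, function names and both samples are constructed for illustration.

```python
import io
import pickle
import pickletools
import zipfile
from collections import OrderedDict

# Illustrative allowlist (an assumption, not torch's own weights_only list).
ALLOWED = {
    "collections.OrderedDict",
    "torch._utils._rebuild_tensor_v2",
    "torch.FloatStorage",
}
STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
SKIP_OPS = {"MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"}

def pickle_globals(stream: bytes) -> set:
    """List every global a pickle stream would import, without unpickling it."""
    found, recent = set(), []
    for op, arg, _pos in pickletools.genops(stream):
        if op.name in ("GLOBAL", "INST"):
            found.add(arg.replace(" ", ".", 1))
        elif op.name == "STACK_GLOBAL":
            # Module and name are the two strings pushed just before this op.
            pair = recent[-2:]
            ok = len(pair) == 2 and None not in pair
            found.add(".".join(pair) if ok else "<unresolved>")
        if op.name not in SKIP_OPS:
            recent.append(arg if op.name in STRING_OPS else None)
    return found

def disallowed_globals(checkpoint: bytes) -> list:
    """Scan a .pt file (zip with *.pkl members, or a bare pickle) before loading."""
    if zipfile.is_zipfile(io.BytesIO(checkpoint)):
        with zipfile.ZipFile(io.BytesIO(checkpoint)) as z:
            streams = [z.read(n) for n in z.namelist() if n.endswith(".pkl")]
    else:
        streams = [checkpoint]
    seen = set().union(*(pickle_globals(s) for s in streams))
    return sorted(seen - ALLOWED)

def make_pt(obj, protocol: int) -> bytes:
    """Build a constructed, in-memory sample laid out like a zip-format .pt file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("archive/data.pkl", pickle.dumps(obj, protocol=protocol))
    return buf.getvalue()

# Constructed samples: neither is ever unpickled, only its opcodes are read.
PLAIN = make_pt(OrderedDict({"layer.weight": [0.1, 0.2]}), protocol=2)
ODD = make_pt({"hook": print}, protocol=4)  # references a callable, not data
```

A non-empty result means the file asks the unpickler to import something outside the allowlist and should not be passed to torch.load() with weights_only=False.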
Vulnerability Details
6.5 (medium)
EPSS: 0.1%
Classification
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-50461
First tracked: February 15, 2026 at 08:53 PM