CVE-2025-58756

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in `model_dict = torch.load(full_path, map_location=torch.device(device), weights_only=True)` in monai/bundle/scripts.py , `weights_only=True` is loaded securely. However, insecure loading methods still exist elsewhere in the project, such as when loading checkpoints. This is a common practice when users want to reduce training time and costs by loading pre-trained models downloaded from other platforms. Loading a checkpoint containing malicious content can trigger a deserialization vulnerability, leading to code execution. As of time of publication, no known fixed versions are available.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/Project-MONAI/MONAI/security/advisories/GHSA-6vm5-6jv9-rjpj	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:monai:medical_open_network_for_ai:*:*:*:*:*:*:*:*

History

19 Sep 2025, 15:26

Type	Values Removed	Values Added
CPE		cpe:2.3:a:monai:medical_open_network_for_ai::::::::
First Time		Monai medical Open Network For Ai Monai
References	~~() https://github.com/Project-MONAI/MONAI/security/advisories/GHSA-6vm5-6jv9-rjpj -~~	() https://github.com/Project-MONAI/MONAI/security/advisories/GHSA-6vm5-6jv9-rjpj - Exploit, Vendor Advisory

09 Sep 2025, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-09-09 00:15

Updated : 2025-09-19 15:26

NVD link : CVE-2025-58756

Mitre link : CVE-2025-58756

CVE.ORG link : CVE-2025-58756

JSON object : View

Products Affected

monai

medical_open_network_for_ai

CWE

CWE-502

Deserialization of Untrusted Data

8.8 /10