CVE-2025-11157 — Vulnetix

CVE-2025-11157 PUBLISHED CVSS 7.800000190734863 HIGH

Feast vulnerable to Deserialization of Untrusted Data

EPSS 0.22% · 44.5th percentile

Risk Scores

CVSS 3.0

7.800000190734863

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.22%

44.5th percentile

Affected Products

Vendor	Product	Versions
feast-dev	feast-dev/feast	*
PyPI	feast	0

Exploit Intelligence

CIRCL seen: CVE-2025-11157 (circl-sighting)
CIRCL seen: CVE-2025-11157 (circl-sighting)
CIRCL seen: CVE-2025-11157 (circl-sighting)
https://huntr.com/bounties/46d4d585-b968-4a76-80ce-872bc5525564 (circl)
https://github.com/feast-dev/feast/commit/b2e37ff37953b68ae833f6874ab5bc510a4ca5fb (circl)

Timeline

Jan 1, 2026 CVE Published
Jan 1, 2026 EPSS Score
Jan 1, 2026 PoC Published
Jan 1, 2026 PoC Published
Jan 2, 2026 CVE Updated
Jan 4, 2026 EPSS Score
Jan 8, 2026 EPSS Score
Jan 11, 2026 EPSS Score
Jan 15, 2026 EPSS Score
Jan 18, 2026 EPSS Score
Jan 21, 2026 EPSS Score
Jan 24, 2026 PoC Published

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›