VDB
CVE-2025-50460
CVE-2025-50460
PUBLISHED
CVSS 9.800000190734863 CRITICAL
MS SWIFT Remote Code Execution via unsafe PyYAML deserialization
EPSS 7.09% · 91.7th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
7.09%
91.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| PyPI | ms-swift | 0 |
Exploit Intelligence
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- Technical Details and Exploit for CVE-2025-50460 (github-poc)
- https://github.com/modelscope/ms-swift (circl)
- https://github.com/modelscope/ms-swift/blob/main/tests/run.py#L420 (circl)
- https://github.com/advisories/GHSA-6757-jp84-gxfx (circl)
…and 22 more exploits
Timeline
- Jul 31, 2025 CVE Published
- Aug 1, 2025 CVE Updated
- Aug 1, 2025 Coalition ESS Score
- Aug 2, 2025 EPSS Score
- Aug 4, 2025 Coalition ESS Score
- Aug 11, 2025 EPSS Score
- Aug 19, 2025 EPSS Score
- Aug 22, 2025 Coalition ESS Score
- Aug 26, 2025 Coalition ESS Score
- Sep 6, 2025 EPSS Score
- Sep 14, 2025 EPSS Score
- Sep 23, 2025 EPSS Score
References
- https://github.com/modelscope/ms-swift url
- https://github.com/modelscope/ms-swift/blob/main/tests/run.py#L420 url
- https://github.com/advisories/GHSA-6757-jp84-gxfx url
- https://github.com/Anchor0221/CVE-2025-50460 url
- https://github.com/modelscope/ms-swift/security/advisories/GHSA-fm6c-f59h-7mmg url
- https://nvd.nist.gov/vuln/detail/CVE-2025-50460 advisory
- https://github.com/modelscope/ms-swift/pull/5174 url
- https://github.com/modelscope/ms-swift/commit/b3418ed9b050dc079553c275c5ed14cfb2b66cf7 url