All 4 CVE vulnerabilities found in Skops, with AI-generated Chinese analysis, references, and POCs.
Vendor: Skops-dev
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54886 | skops: Card.get_model does not block arbitrary code execution CWE-502 | 8.4 | High | 2025-08-08 |
| CVE-2025-54413 | skops' MethodNode can access unexpected object fields through dot notation, leading to arbitrary code execution at load time CWE-351 | 9.8 | - | 2025-07-26 |
| CVE-2025-54412 | skops' Inconsistent Trusted Type Validation Enables Hidden `operator` Methods Execution CWE-351 | 8.8 | - | 2025-07-26 |
| CVE-2024-37065 | Skops 安全漏洞 CWE-502 | 7.8 | High | 2024-06-04 |
All 4 known CVE vulnerabilities affecting Skops with full Chinese analysis, references, and POCs where available.