CVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

May 26, 2025

CVE ID : CVE-2025-5173

Published : May 26, 2025, 7:15 a.m. | 1 hour, 56 minutes ago

Description : A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/label_studio_ml/examples/yolo/utils/neural_nets.py of the component PT File Handler. The manipulation of the argument path leads to deserialization. An attack has to be approached locally. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5174 – Erdogant PyPickle Deserialization Vulnerability

Next Article CVE-2025-41441 – Mailform Pro CGI Information Disclosure

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

I compared my Sonos Arc Ultra with Samsung’s flagship soundbar, and it’s pretty dang close

Exploring the Process of Building a Procedural 3D Kitchen Designer with Three.js

CVE-2025-31422 – Designthemes Visual Art | Gallery WordPress Theme Object Injection Vulnerability

New Linux udisks flaw lets attackers get root on major Linux distros

CVE-2025-30173 – Aspect Server-Side Request Forgery (SSRF) Vulnerability

Alternatives to popular CLI tools: ps

PowerToys brings “Command Palette” to Windows 11 as a new launcher experience

CVE-2025-7091 – Belkin Webs Stack-Based Buffer Overflow Vulnerability

CVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

Related Posts