CVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

May 26, 2025

CVE ID : CVE-2025-5173

Published : May 26, 2025, 7:15 a.m. | 1 hour, 56 minutes ago

Description : A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/label_studio_ml/examples/yolo/utils/neural_nets.py of the component PT File Handler. The manipulation of the argument path leads to deserialization. An attack has to be approached locally. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5174 – Erdogant PyPickle Deserialization Vulnerability

Next Article CVE-2025-41441 – Mailform Pro CGI Information Disclosure

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Elon Musk says we’re in the “intelligence big bang” — after warning that a power crunch could kill the AI revolution this year

OpenAI introduces “ChatGPT agent” as the ultimate jack of all AI trades — with its own computer to check out your to-do list

This Android wearable lasts for days, and left my Samsung Galaxy Watch in the dust

This physical Clicks keyboard is the Pixel 9 upgrade I didn’t know I needed

The details of TC39’s last meeting

The details of TC39’s last meeting

Reclaim Space: Delete Docker Orphan Layers

Notes Android App Using SQLite

Elon Musk says we’re in the “intelligence big bang” — after warning that a power crunch could kill the AI revolution this year

Elon Musk says we’re in the “intelligence big bang” — after warning that a power crunch could kill the AI revolution this year

How to Fix Unable to Login to Facebook on PC (Step-by-Step)

OpenAI introduces “ChatGPT agent” as the ultimate jack of all AI trades — with its own computer to check out your to-do list

CVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Laravel: How to Customize Verification Email Text

⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More

New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto

Is NVIDIA’s RTX 5060 Ti using the infamous GPU-melting power cable? — Leaks hint at a 16-pin hookup

CVE-2025-49439 – Mariusz88AtelierWeb Atelier Create CV CSRF Vulnerability

Larallow is a Permissions Package With Support for Scopes

CVE-2025-6786 – DocCheck Login for WordPress Information Disclosure

CVE-2025-49826 – Next.js Cache Poisoning DoS Vulnerability

CVE-2025-5173 – HumanSignal Label Studio ML Backend Deserialization Vulnerability

Related Posts