Unrated severityNVD Advisory· Published Aug 11, 2025· Updated Aug 11, 2025

CVE-2025-45146

Description

ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data.

Affected products

ModelCache for LLM/ModelCache for LLMdescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/EDMPL/Vulnerability-Research/blob/main/CVE-2025-45146/README.mdmitre
github.com/codefuse-ai/ModelCache/blob/e053e0d57b532d4ad9378d2f31bb85a009b77d64/modelcache/manager/data_manager.pymitre
github.com/codefuse-ai/ModelCache/blob/e053e0d57b532d4ad9378d2f31bb85a009b77d64/modelcache/manager/factory.pymitre
pytorch.org/docs/stable/generated/torch.load.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000