High severity · NVD Advisory · Published Sep 8, 2025 · Updated Sep 9, 2025
MONAI's unsafe use of Pickle deserialization may lead to RCE
CVE-2025-58757
Description
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.0, the pickle_operations function in monai/data/utils.py automatically processes dictionary key-value pairs whose keys end with a specific suffix and deserializes them using pickle.loads(). The function applies no security measures to this data. The deserialization may lead to code execution. As of time of publication, no known fixed versions are available.
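The sketch below is an added example, not MONAI's code or its fix: it shows the same suffix-driven dictionary handling routed through an allow-listing unpickler instead of a bare pickle.loads(). The suffix "_pickled", the helper names and the sample dictionaries are hypothetical and constructed for illustration.

```python
import io
import pickle

# Hypothetical key suffix; the page does not name the one MONAI uses.
PICKLED_SUFFIX = "_pickled"
# Globals the unpickler may resolve. Empty: plain containers and scalars only.
ALLOWED_GLOBALS = set()


class AllowListUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global not explicitly allow-listed."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def restore_pickled_items(data):
    """Copy data, deserializing suffix-marked bytes values under the allow-list."""
    out = {}
    for key, value in data.items():
        marked = isinstance(key, str) and key.endswith(PICKLED_SUFFIX)
        if marked and isinstance(value, bytes):
            value = AllowListUnpickler(io.BytesIO(value)).load()
        out[key] = value
    return out


class CallsLenOnLoad:
    """Constructed, harmless stand-in: its pickle calls len("abc") when loaded."""

    def __reduce__(self):
        return (len, ("abc",))


def demo():
    """Return (restored benign dict, whether the callable-bearing blob was refused)."""
    benign = {"spacing" + PICKLED_SUFFIX: pickle.dumps({"x": 1.0, "y": [1, 2]}), "id": 7}
    restored = restore_pickled_items(benign)
    suspect = {"meta" + PICKLED_SUFFIX: pickle.dumps(CallsLenOnLoad())}
    try:
        restore_pickled_items(suspect)
        refused = False
    except pickle.UnpicklingError:
        refused = True
    return restored, refused


if __name__ == "__main__":
    print(demo())
```

A bare pickle.loads() on the second blob would call len("abc") during loading and return 3; the allow-list stops the load before any callable is resolved.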
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| monai (PyPI) | < 1.5.1 | 1.5.1 |
Affected products
- Range: <= 1.5.0
References
- github.com/advisories/GHSA-p8cm-mm2v-gwjm (ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-58757 (ADVISORY)
- github.com/Project-MONAI/MONAI/commit/948fbb703adcb87cd04ebd83d20dcd8d73bf6259 (WEB)
- github.com/Project-MONAI/MONAI/pull/8566 (WEB)
- github.com/Project-MONAI/MONAI/security/advisories/GHSA-p8cm-mm2v-gwjm (WEB)
- github.com/pypa/advisory-database/tree/main/vulns/monai/PYSEC-2025-142.yaml (WEB)