Deserialization Vulnerability in Volcengine's Model Merger Script
CVE-2025-50461

Currently unrated

Key Information:

Vendor: Volcengine
Status: verl
Vendor: CVE Published:; 19 August 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-50461?

A deserialization vulnerability is present in Volcengine's verl 3.0.0, particularly in the model merger script. This flaw arises when the script processes user-supplied .pt files without proper validation while invoking torch.load() with weights_only set to False. An attacker could exploit this vulnerability by designing a malicious model file and persuading a victim to download and store it in a specific local directory. Upon execution, this may permit the attacker to execute arbitrary code with the same privileges as the user running the script.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-50461
Created by Anchor0221

References

https://pytorch.org/docs/stable/generated/torch.load.html

https://github.com/volcengine/verl

https://github.com/volcengine/verl/blob/main/scripts/mode...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2025
🟡
Public PoC available
Aug 15, 2025
👾
Exploit known to exist
Aug 15, 2025
Vulnerability Reserved
Jun 16, 2025