CVE-2025-50461

A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...

CVE-2025-50461

A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...

PT-2025-33729 · Volcengine · Volcengine Verl

Name of the Vulnerable Software and Affected Versions: Volcengine versions 3.0.0 Description: A deserialization vulnerability exists in Volcengine's scripts/model merger.py script when using the "fsdp" backend. The script calls torch.load with weights only=False on user-supplied .pt files, allowi...

CVE-2025-50461

CVE-2025-50461 describes a deserialization vulnerability in Volcengine Verl 3.0.0, specifically in scripts/model_merger.py when using the "fsdp" backend. The code calls torch.load() with weights_only=False on user-supplied .pt files, enabling arbitrary code execution if a malicious model file is ...

CVE-2025-50461

A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...