adaseq (=0.4.0), cosmos-predict2 (>=1.0.6 <=1.0.9) +20 more potentially affected by CVE-2025-51427 via modelscope (>=1.10.0 <=1.26.0)

modelscope PYPI version =1.10.0, =1.0.6, =0.5.4, =0.1.1, =0.6.0, =1.0.0, =0.4.0, =2.4.2, =0.1.0, =0.1.2, =0.1.0, =0.5.0, =0.7.0 and more Source cves: CVE-2025-51427 Source advisory: OSV:GHSA-FHHQ-H4HG-549X...

CVE-2025-51427

An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...