Количество 3
Количество 3
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achieve arbitrary code execution when the file is loaded.
CVE-2025-70560
Boltz 2.0.0 contains an insecure deserialization vulnerability in its ...
GHSA-fjm6-8xp2-4fwc
Boltz contains an insecure deserialization vulnerability in its molecule loading functionality
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-70560 Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achieve arbitrary code execution when the file is loaded. | CVSS3: 8.4 | 0% Низкий | 6 дней назад |
| CVE-2025-70560 Boltz 2.0.0 contains an insecure deserialization vulnerability in its ... | CVSS3: 8.4 | 0% Низкий | 6 дней назад |
| GHSA-fjm6-8xp2-4fwc Boltz contains an insecure deserialization vulnerability in its molecule loading functionality | CVSS3: 8.4 | 0% Низкий | 5 дней назад |
Уязвимостей на страницу