CNNVD-202511-1988 Information
CNNVD ID
CNNVD-202511-1988
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Modular Platform是Modular Inc开源的一个模块化平台。 Modular Platform 25.6之前版本存在安全漏洞,该漏洞源于不安全的反序列化,可能导致执行任意代码。
Description (English)
Modular Platform is a modular platform for Modular Inc open source. The previous version of Modular Platform 25.6 had a security loophole, which stemmed from unsafe back-sequencing and could lead to the implementation of arbitrary codes.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Modular Inc
Published
2025-11-18
Last Modified
2026-02-24
References
https://github.com/modular/modular/blame/main/max/serve/kvcache_agent/kvcache_agent.py#L220 https://github.com/modular/modular/commit/10620059fb5c47fb0c30e5d21a8ff3b8d622fba4 https://github.com/modular/modular/issues/4795 https://github.com/modular/modular/commit/b20e749fa892dbe772e890a268002f732164d9f5 https://github.com/modular/modular/commit/ee9c4ab02345dd30bed8b79771b6909ff1b930a1 https://www.oligo.security/blog/shadowmq-how-code-reuse-spread-critical-vulnerabilities-across-the-ai-ecosystem https://access.redhat.com/security/cve/cve-2025-60455
Patch
https://github.com/modular/modular/releases
Share on: