Home > Vulnerability Database > CVE-2025-10950

Mend.io Vulnerability Database

CVE-2025-10950

Date: September 25, 2025

A vulnerability was determined in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected is the function log_handler of the file ml_logger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Severity Score

6.3

Related Resources (7)

Url: https://vuldb.com/?id.325820

Url: https://vuldb.com/?ctiid.325820

Url: https://vuldb.com/?submit.652461

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-10950

Url: https://github.com/geyang/ml-logger

Url: https://github.com/geyang/ml-logger/issues/72

Url: https://www.mend.io/vulnerability-database/CVE-2025-10950

Severity Score

6.3

Weakness Type (CWE)

Deserialization of Untrusted Data

CWE-502

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2025-10950

Date: September 25, 2025

Severity Score

Related Resources (7)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?