CVE-2025-27510
Published: 04 March 2025
Summary
CVE-2025-27510 is a critical-severity Inclusion of Functionality from Untrusted Control Sphere (CWE-829) vulnerability. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Compromise Software Dependencies and Development Tools (T1195.001); ranked in the top 8.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-14 (Signed Components) and SR-11 (Component Authenticity).
Deeper analysis
conda-forge-metadata provides programmatic access to conda-forge metadata and declares an optional dependency on conda-oci-mirror in its pyproject.toml. That package name was never registered on PyPI, creating a dependency confusion condition (CWE-829) that can lead to remote code execution if the name is later claimed.
An unauthenticated attacker who registers and publishes a malicious conda-oci-mirror package can therefore supply code that executes when conda-forge-metadata or any downstream project resolves the optional dependency. The attack requires no user interaction and affects any environment that installs the package with dependency resolution enabled.
The GitHub Security Advisory GHSA-vwfh-m3q7-9jpw and the linked repository files document the vulnerable declaration and serve as the primary sources for remediation guidance.
EPSS for CVE-2025-27510 rose from lower values to a peak of 0.1195 on 2026-04-16 before receding to the current 0.0632, indicating a measurable increase in exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6186
Vulnerability details
conda-forge-metadata provides programmatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency, "conda-oci-mirror", which was neither present on the PyPI repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in remote code execution.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes inclusion of an unclaimed optional dependency (CWE-829) that an attacker can register on PyPI with malicious code, directly enabling compromise of software dependencies for RCE.
Mitigating Controls (NIST 800-53 r5)
- SR-11 (Component Authenticity): requires verification of component authenticity prior to use, directly preventing execution of malicious code from threat actors hijacking unclaimed package names such as conda-oci-mirror.
- CM-14 (Signed Components): mandates digital signatures on software components, enforced before installation and execution, mitigating RCE risks from untrusted optional dependencies.
- Requires proof of provenance for components, ensuring that unclaimed and unproven packages such as conda-oci-mirror are neither trusted nor incorporated.