CVE-2025-58367
Published: 05 September 2025
Summary
CVE-2025-58367 is a critical-severity Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915) vulnerability. Its CVSS base score is 10.0 (Critical).
Operationally, it ranks in the top 49.5% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.
Deeper analysis
DeepDiff versions 5.0.0 through 8.6.0 contain a class pollution vulnerability in the Delta class constructor. When combined with an available gadget that modifies deepdiff.serialization.SAFE_TO_IMPORT, the flaw permits unsafe classes such as posix.system to be loaded, enabling insecure pickle deserialization that can result in denial of service or remote code execution. The issue is tracked as CWE-915 and carries a CVSS 4.0 score of 10.0.
An unauthenticated attacker who can supply user-controlled input to the Delta constructor can alter the import allow-list and trigger deserialization of arbitrary Python objects. This grants the ability to execute any Python code reachable in the application's environment, with impact severity depending on the privileges of the process using DeepDiff.
The vulnerability is fixed in release 8.6.1. The project advisory GHSA-mw26-5g2v-hqw3 and the associated commit c69c06c13f75e849c770ade3f556cd16209fd183 document the patch that prevents modification of SAFE_TO_IMPORT and removes the unsafe deserialization path.
EPSS for the CVE rose from a low of 0.0027 to a peak of 0.0101, indicating measurable post-disclosure exploitation interest. No confirmed in-the-wild exploitation has been reported.
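A defender-side check for the affected range and the allow-list tampering described above, added here as an example (not code from the DeepDiff project or its advisory). The version range, the `SAFE_TO_IMPORT` name and `posix.system` come from the advisory; the "snapshot the allow-list at startup and compare later" approach and the sample allow-list entries are this example's own assumptions.

```python
"""Added example: flag a DeepDiff install in the CVE-2025-58367 range and
detect runtime additions to the pickle import allow-list."""
from importlib.metadata import PackageNotFoundError, version

AFFECTED_FIRST = (5, 0, 0)   # first affected release per the advisory
FIXED = (8, 6, 1)            # first fixed release per the advisory


def parse_version(text):
    """Turn '8.6.0' (or '8.6.0rc1') into a comparable 3-tuple of ints."""
    parts = []
    for piece in text.split("."):
        digits = ""
        for ch in piece:
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version_text):
    """True when the version lies in [5.0.0, 8.6.1), i.e. 5.0.0 through 8.6.0."""
    return AFFECTED_FIRST <= parse_version(version_text) < FIXED


def installed_deepdiff_status():
    """Return (version, affected) for the installed deepdiff, or (None, None)
    when the package is not present in this environment."""
    try:
        installed = version("deepdiff")
    except PackageNotFoundError:
        return None, None
    return installed, is_affected(installed)


def allowlist_additions(current, baseline):
    """Entries in the live SAFE_TO_IMPORT set that were not in the baseline
    captured at startup; any hit means the allow-list was modified at runtime
    (assumption: the baseline is snapshotted before untrusted input is handled)."""
    return sorted(set(current) - set(baseline))


if __name__ == "__main__":
    print("installed deepdiff:", installed_deepdiff_status())
    # constructed sample allow-lists, not DeepDiff's real SAFE_TO_IMPORT
    baseline = {"builtins.set", "collections.OrderedDict", "decimal.Decimal"}
    polluted = baseline | {"posix.system"}
    print("added to allow-list:", allowlist_additions(polluted, baseline))
```

In a running service, snapshot `set(deepdiff.serialization.SAFE_TO_IMPORT)` at import time and call `allowlist_additions` before each `Delta` deserialization; a non-empty result is a high-confidence tampering signal.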
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-27049
Vulnerability details
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeepDiff, it can lead to Denial of Service and Remote Code Execution (via insecure Pickle deserialization) exploitation. The gadget available in DeepDiff allows `deepdiff.serialization.SAFE_TO_IMPORT` to be modified to allow dangerous classes such as posix.system, after which insecure Pickle deserialization is performed via the Delta class. This potentially allows any Python code to be executed, given that the input to Delta is user-controlled. Depending on the application where DeepDiff is used, this can also lead to other vulnerabilities. This is fixed in version 8.6.1.
- CWE(s): CWE-915 (Improperly Controlled Modification of Dynamically-Determined Object Attributes)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.