CVE-2025-58367

Critical

Published: 05 September 2025

Modified: 15 April 2026
KEV Added: not listed
Patch: available (fixed in 8.6.1)
CVSS Score v4: 10.0 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0027 (50.5th percentile)
Risk Priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-58367 is a critical-severity Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915) vulnerability. Its CVSS base score is 10.0 (Critical).

Operationally, its EPSS score places it in the top 49.5% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

Deeper analysis

DeepDiff versions 5.0.0 through 8.6.0 contain a class pollution vulnerability in the Delta class constructor. When combined with an available gadget that modifies deepdiff.serialization.SAFE_TO_IMPORT, the flaw permits unsafe classes such as posix.system to be loaded, enabling insecure pickle deserialization that can result in denial of service or remote code execution. The issue is tracked as CWE-915 and carries a CVSS 4.0 score of 10.0.

An unauthenticated attacker who can supply user-controlled input to the Delta constructor can alter the import allow-list and trigger deserialization of arbitrary Python objects. This grants the ability to execute any Python code reachable in the application's environment, with impact severity depending on the privileges of the process using DeepDiff.

The vulnerability is fixed in release 8.6.1. The project advisory GHSA-mw26-5g2v-hqw3 and the associated commit c69c06c13f75e849c770ade3f556cd16209fd183 document the patch that prevents modification of SAFE_TO_IMPORT and removes the unsafe deserialization path.

EPSS for the CVE rose from a low of 0.0027 to a peak of 0.0101, indicating measurable post-disclosure exploitation interest. No confirmed in-the-wild exploitation has been reported.

Vulnerability details

DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeepDiff, it can lead to Denial of Service and Remote Code Execution (via insecure Pickle deserialization) exploitation. The gadget available in DeepDiff allows `deepdiff.serialization.SAFE_TO_IMPORT` to be modified to allow dangerous classes such as posix.system, and then perform insecure Pickle deserialization via the Delta class. This potentially allows any Python code to be executed, given that the input to Delta is user-controlled. Depending on the application where DeepDiff is used, this can also lead to other vulnerabilities. This is fixed in version 8.6.1.
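As an added illustration (not DeepDiff project code), two defensive checks a team can run against this advisory: a version-range test for inventory, and a pre-flight guard that rejects a user-supplied diff whose path walks into dunder attributes before it is handed to `Delta`. The diff layout and path syntax follow DeepDiff's report format; the sample inputs are constructed.

```python
import re

# Affected range from the advisory: 5.0.0 through 8.6.0; fixed in 8.6.1.
AFFECTED_MIN = (5, 0, 0)
FIXED_IN = (8, 6, 1)

# One segment of a DeepDiff report path: root['key'], root[0] or root.attr.
_SEGMENT = re.compile(r"\['([^']*)'\]|\[(\d+)\]|\.([A-Za-z_][A-Za-z0-9_]*)")
_KINDS = ("key", "index", "attr")


def parse_version(text):
    """Turn '8.6.0' (or '8.6') into a comparable 3-tuple of ints."""
    parts = [int(p) for p in re.findall(r"\d+", text)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected_version(text):
    """True when an installed deepdiff version lies in the vulnerable range."""
    return AFFECTED_MIN <= parse_version(text) < FIXED_IN


def path_segments(path):
    """Split a DeepDiff-style path into (kind, value) segments."""
    if not path.startswith("root"):
        raise ValueError("unexpected path root: %r" % path)
    return [(_KINDS[m.lastindex - 1], m.group(m.lastindex))
            for m in _SEGMENT.finditer(path[4:])]


def is_polluting_path(path):
    """Flag a path whose attribute access reaches a dunder name (CWE-915)."""
    return any(kind == "attr" and value.startswith("__")
               for kind, value in path_segments(path))


def polluting_paths(diff):
    """Return every offending path in a diff dict; an empty list means clean.
    Each report ('values_changed', ...) is a {path: details} dict or a list of paths."""
    bad = []
    for report in diff.values():
        if not isinstance(report, (dict, list, set, tuple)):
            continue
        for path in report:  # iterating a dict yields its keys (the paths)
            if isinstance(path, str) and is_polluting_path(path):
                bad.append(path)
    return bad


# Constructed sample inputs (not taken from the advisory).
SAFE_DIFF = {"values_changed": {"root['name']": {"old_value": "a", "new_value": "b"}},
             "dictionary_item_added": ["root['extra']"]}
POLLUTING_DIFF = {"values_changed": {"root['settings'].__class__.__dict__['flag']": {"new_value": 1}}}
```

Run `polluting_paths()` on any externally supplied diff and refuse the request when it returns a non-empty list; the version check complements, not replaces, upgrading to 8.6.1.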

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
