
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-58756 affects MONAI (Medical Open Network for AI), an AI toolkit for health care imaging, in versions up to and including 1.5.0. The vulnerability stems from insecure loading methods when handling checkpoints, despite having secure loading with weights_only=True in specific parts of the codebase (GitHub Advisory).
The vulnerability exists in the checkpoint loading functionality where insecure deserialization methods are implemented. While model_dict = torch.load(full_path, map_location=torch.device(device), weights_only=True) in monai/bundle/scripts.py is secure, other parts of the project use insecure loading methods for checkpoints. The issue is particularly concerning when users load pre-trained models downloaded from external platforms. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (GitHub Advisory).
The vulnerability can lead to arbitrary code execution when loading a checkpoint containing malicious content. This poses a significant security risk as attackers could potentially execute unauthorized commands on the affected system through carefully crafted checkpoint files (GitHub Advisory).
As of the publication date, no fixed versions are available. The suggested mitigation is to use a safe method to load checkpoints or force weights_only=True when loading model data (GitHub Advisory).
Source: This report was generated using AI