CVE-2025-11157 | feast-dev feast up to 0.53.x YAML File Parser main.py yaml.load deserialization

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability classified as problematic has been found in feast-dev feast up to 0.53.x. Affected by this vulnerability is the function yaml.load of the file feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py of the component YAML File Parser. The manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2025-11157. Local access is required to approach this attack. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2025-11157 | feast-dev feast up to 0.53.x YAML File Parser main.py yaml.load deserialization

Post correlati

CVE-2023-5448 | WP Register Profile with Shortcode Plugin up to 3.5.9 on WordPress Password Reset cross-site request forgery

CVE-2021-1379 | Cisco IP Phones with Multiplatform Cisco Discovery Protocol buffer overflow (cisco-sa-ipphone-rce-dos-U2PsSkz3)

CVE-2025-5219 | FreeFloat FTP Server 1.0.0 ASCII Command buffer overflow

CVE-2025-1041 | Avaya Call Management System 18.x/19.x/20.x input validation