CVE-2025-58756

Name of the Vulnerable Software and Affected Versions: MONAI versions up to and including 1.5.0

Description: MONAI is an AI toolkit for health care imaging. The software contains insecure model loading methods that can trigger a deserialization vulnerability, potentially leading to code execution when loading checkpoints containing malicious content. This issue arises from loading pre-trained models downloaded from other platforms.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.