CVE Daily

CVE-2025-55136

ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deseriali...

Medium CVSS 5.7

Overview

ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deserialization via a serialized object because jsonpickle is used.

CWE: CWE-502 Published: 2025-08-07T16:15:31.330
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.7 (MEDIUM)
  • Detected tags: deserialization (tag impact: MODERATE)

Recommended actions:

  • Avoid untrusted deserialization; prefer safe formats (JSON) and signatures.

Recommended tools

Tags