Tiny RDM CVE-2025-14606
Severity (by source): LOW
CVSS vector (NVD): CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD; only source for this CVE.
Description (CVE.org)
A security vulnerability has been detected in tiny-rdm Tiny RDM up to 1.2.5. Affected by this vulnerability is the function pickle.loads of the file pickle_convert.go of the component Pickle Decoding. The manipulation leads to deserialization. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Analysis (AI)
A deserialization vulnerability in Tiny RDM up to version 1.2.5 allows authenticated remote attackers to trigger unsafe pickle deserialization through the Pickle Decoding component, potentially leading to code execution. The attack requires high complexity and prior authentication, which makes practical exploitation difficult. Public exploit code is available, but the low EPSS score (0.10%) and the absence of active exploitation tracking suggest limited real-world risk at present.
Technical Context (AI)
Tiny RDM is a lightweight Redis Desktop Manager that includes a Pickle Decoding component (pickle_convert.go) for handling Python pickle-serialized data. The vulnerability stems from unsafe deserialization of untrusted pickle payloads via the pickle.loads function. Pickle is a Python serialization format whose decoding can invoke arbitrary callables, so unpickling input that has not been validated can lead to code execution. CWE-20 (Improper Input Validation) indicates that the component fails to properly validate or sanitize pickle data before deserialization. The attack vector is network-based, but it requires both login credentials (PR:L) and high attack complexity (AC:H), suggesting that an attacker must craft a specifically malformed pickle payload and hold valid authentication to reach the vulnerable code path.
Affected Products (AI)
Tiny RDM versions up to and including 1.2.5 are affected. The vulnerability specifically impacts the Pickle Decoding component (pickle_convert.go) and its pickle.loads function. No CPE string was provided in the available references, but affected installations can be identified as those running Tiny RDM version 1.2.5 or earlier with Pickle deserialization functionality enabled.
Remediation (AI)
Upgrade Tiny RDM to a version newer than 1.2.5 as soon as one is available; check the project repository at https://github.com/tiny-craft/tiny-rdm for patched releases. As a compensating control pending a patch, restrict network access to Tiny RDM to trusted internal networks only and disable Pickle deserialization features if they are not required for your use case (check the application settings for protocol or format filtering options). If the application must deserialize pickle data, implement strict input validation by allow-listing acceptable pickle protocol versions and permitting deserialization only of primitive types and allow-listed classes. Require strong authentication credentials and enforce multi-factor authentication for Tiny RDM access. Monitor the GitHub issue (https://github.com/tiny-craft/tiny-rdm/issues/512) for responses from the project maintainers and patched-version announcements.
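The allow-list approach described above, as an added Python example that is not Tiny RDM's own code (the project is written in Go; the advisory names pickle.loads): a restricted unpickler that decodes primitive types freely, resolves only the names on a hypothetical ALLOWED_GLOBALS set, and rejects any other global reference. The sample payloads are constructed for the demonstration; the rejected one references collections.OrderedDict, a class that is simply not on the list.

```python
import collections
import io
import pickle

# Constructed sample inputs (not from the advisory): one pickle carrying only
# primitive types, and one whose decoding must resolve a class by name.
SAFE_PAYLOAD = pickle.dumps({"key": "value", "count": 3, "tags": ["a", "b"]})
CLASS_PAYLOAD = pickle.dumps(collections.OrderedDict(a=1))

# Hypothetical allow-list of (module, name) pairs the unpickler may resolve.
# Primitive types (str, int, float, bytes, list, dict, ...) are decoded by
# dedicated opcodes and never pass through find_class, so they need no entry.
ALLOWED_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name}: not on the allow-list"
        )


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads that enforces the allow-list."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def decode_or_error(data: bytes):
    """Return (value, None) on success, or (None, message) when rejected."""
    try:
        return restricted_loads(data), None
    except pickle.UnpicklingError as exc:
        return None, str(exc)


if __name__ == "__main__":
    print(decode_or_error(SAFE_PAYLOAD))   # primitives decode normally
    print(decode_or_error(CLASS_PAYLOAD))  # class reference is rejected
```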