CVE-2025-62348: Salt junos Module Vulnerable to Code Injection via Specially Crafted YAML Payload

January 30, 2026 (updated February 1, 2026)

Salt’s junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process.

References

docs.saltproject.io/en/latest/topics/releases/3006.17.html
github.com/advisories/GHSA-77w2-v593-vxvv
github.com/saltstack/salt
github.com/saltstack/salt/issues/68469
github.com/saltstack/salt/pull/68472/commits/c17fd645edef208233dcac855615fced69409a00
nvd.nist.gov/vuln/detail/CVE-2025-62348

Code Behaviors & Features

Detect and mitigate CVE-2025-62348 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →