CVE-2025-5150 is a medium-severity vulnerability affecting the docarray library versions up to 0.40.1. The vulnerability resides in the __getitem__ function within the /docarray/data/torch_dataset.py file, part of the Web API component. It allows an attacker to perform prototype pollution, a type of attack where the attacker manipulates the prototype of a base object, leading to unintended behavior in the application. Prototype pollution can cause modification of object properties that are inherited by all instances, potentially leading to data corruption, denial of service, or even remote code execution depending on the application context. This vulnerability can be exploited remotely without authentication or user interaction, increasing its risk profile. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:L), no user interaction (UI:N), and low impact on confidentiality, integrity, and availability (VC:L, VI:L, VA:L). The vendor has not responded to the disclosure, and no patches are currently available. Although no known exploits are reported in the wild, the public disclosure of the exploit code increases the risk of exploitation. The docarray library is used primarily in machine learning and data processing pipelines, often integrated into web APIs and services that handle complex data structures, making prototype pollution particularly dangerous as it can disrupt data integrity and application logic.

For European organizations utilizing docarray in their machine learning or data processing workflows, this vulnerability poses a risk of unauthorized modification of application behavior, potentially leading to data corruption or denial of service. Since the vulnerability can be exploited remotely without authentication, exposed web APIs using vulnerable docarray versions are at risk of compromise. This could disrupt critical AI-driven services, affect data integrity, and undermine trust in automated decision-making systems. Organizations in sectors such as finance, healthcare, and critical infrastructure, where AI and data processing are integral, may face operational disruptions or regulatory compliance issues if data integrity is compromised. The medium CVSS score reflects moderate impact, but the lack of vendor response and patches increases the urgency for European entities to assess their exposure and implement mitigations proactively.

European organizations should immediately audit their environments to identify any usage of docarray versions 0.40.0 or 0.40.1, especially within web-facing APIs. Until an official patch is released, organizations should consider the following mitigations: 1) Implement strict input validation and sanitization on all data entering the __getitem__ function or related API endpoints to prevent malicious prototype pollution payloads. 2) Employ runtime application self-protection (RASP) or web application firewalls (WAF) with custom rules to detect and block suspicious prototype pollution attack patterns. 3) Isolate services using docarray in segmented network zones to limit potential lateral movement in case of exploitation. 4) Monitor logs and application behavior for anomalies indicative of prototype pollution attacks, such as unexpected object property changes or application crashes. 5) Engage with the open-source community or maintainers to track patch releases and apply updates promptly once available. 6) Consider temporary replacement or removal of docarray components in critical systems if feasible until a fix is provided.