diff --git a/frigate/util/builtin.py b/frigate/util/builtin.py
index 929ada010..5cb01e1c5 100644
--- a/frigate/util/builtin.py
+++ b/frigate/util/builtin.py
@@ -87,7 +87,8 @@ def load_config_with_no_duplicates(raw_config) -> dict:
     """Get config ensuring duplicate keys are not allowed."""
 
     # https://stackoverflow.com/a/71751051
-    class PreserveDuplicatesLoader(yaml.loader.Loader):
+    # important to use SafeLoader here to avoid RCE
+    class PreserveDuplicatesLoader(yaml.loader.SafeLoader):
         pass
 
     def map_constructor(loader, node, deep=False):