CVE-2026-31214
CRITICAL EPSS 38.2%
Published May 12, 20261mo ago · Modified Jun 17, 20261w ago
9.8 CVSS 3.1
Published May 12, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago
Description
The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
38.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-502 Deserialization of Untrusted Data Validation
References 2
- github.com https://github.com/stas00/ml-engineering/blob/master/training/checkpoints/torch-checkpoint-shrink.py#L57
- notion.so https://www.notion.so/CVE-2026-31214-35d1e1393188813fa40eef73c174cee5
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.