CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

Snyk•added 2026/05/12 7:25 p.m.•4 views

Deserialization of Untrusted Data

Overview ludwig is a Declarative machine learning: End-to-end machine learning pipelines using data-driven configurations. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the model serving process. An attacker can execute arbitrary code on the system by...

9.8CVSS6.2AI score0.00088EPSS

Exploits0References2

EUVD•added 2026/05/12 6:30 p.m.•8 views

EUVD-2026-29561

The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization CWE-502 in its model serving component. When starting a model server with the ludwig serve command, the framework loads model weight files using torch.load without enabling the security-restrictive weightsonly=True...

6.3AI score0.00088EPSS

Exploits0References3

Vulnrichment•added 2026/05/12 12:0 a.m.•3 views

CVE-2026-31238

6.3AI score0.00088EPSS

Exploits0References2

CVE•added 2026/05/12 12:0 a.m.•10 views

CVE-2026-31228

The connected documents confirm a vulnerability in the Adversarial Robustness Toolbox (ART) up to version 1.20.1, specifically in its Kubeflow component. The root cause is that the robustness evaluation function for PyTorch models uses Python’s unsafe eval() to dynamically evaluate user-supplied ...

9.8CVSS6.5AI score0.00378EPSS

Exploits0References2

RedhatCVE•added 2026/01/07 9:19 a.m.•7 views

CVE-2025-1944

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...

6.5CVSS6.6AI score0.00144EPSS

Exploits1References1

Github Security Blog•added 2025/12/29 3:24 p.m.•2 views

Picklescan missing detection when calling pty.spawn

Summary Using pty.spawn, which is a built-in python library function to execute arbitrary commands on the host system. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to pty.spawn function in the reduce method. Then the victim attempts ...

7.9AI score

Exploits0References5Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-2191

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00436EPSS

Exploits1References3

Github Security Blog•added 2025/03/10 6:26 p.m.•10 views

Zip Exploit Crashes Picklescan But Not PyTorch

Summary PickleScan is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise...

6.5CVSS6.9AI score0.00144EPSS

Exploits1References6Affected Software1

OSV•added 2025/03/10 6:26 p.m.•4 views

GHSA-7Q5R-7GVP-WC82 Zip Exploit Crashes Picklescan But Not PyTorch

6.5CVSS6.3AI score0.00144EPSS

Exploits1References6

Github Security Blog•added 2025/03/10 6:26 p.m.•19 views

Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Summary PickleScan fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully...

9.8CVSS8AI score0.00871EPSS

Exploits1References6Affected Software1

Snyk•added 2025/03/10 12:30 p.m.•2 views

Insufficient Verification of Data Authenticity

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to improper handling of modified ZIP file flag bits. Attackers can exploit this by altering...

9.8CVSS6.9AI score0.00871EPSS

Exploits1References2

Github Security Blog•added 2025/03/10 12:30 p.m.•7 views

Duplicate Advisory: Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8jq-xcqf-f792. This link is maintained to preserve external references. Original Description picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file...

9.8CVSS7.8AI score0.00871EPSS

Exploits1References5Affected Software1

OSV•added 2025/03/10 12:30 p.m.•3 views

GHSA-W6MR-MJ53-X258 Duplicate Advisory: Zip Exploit Crashes Picklescan But Not PyTorch

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7q5r-7gvp-wc82. This link is maintained to preserve external references. Original Description picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting t...

5.3CVSS6.4AI score0.00144EPSS

Exploits1References4

NVD•added 2025/03/10 12:15 p.m.•10 views

CVE-2025-1945

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being...

9.8CVSS0.00871EPSS

Exploits1References3

OSV•added 2025/03/10 12:15 p.m.•5 views

CVE-2025-1945

9.8CVSS7.1AI score0.00871EPSS

Exploits1References3

OSV•added 2025/03/10 12:15 p.m.•3 views

PYSEC-2025-21

9.8CVSS7.8AI score0.00871EPSS

Exploits1References3

OSV•added 2025/03/10 12:15 p.m.•4 views

CVE-2025-1944