CVE-2026-3071

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model...

EUVD-2026-8855

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model...

CVE-2026-3071

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model...

CVE-2026-3071

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model...

CVE-2026-3071

The CVE concerns Flair’s LanguageModel class where deserialization of untrusted data in versions 0.4.1 to latest allows arbitrary code execution when loading a malicious model. The issue, with CVSSv3.1 metrics indicating HIGH severity (Local access, no user interaction, full scope and high confid...

CVE-2026-3071

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model...

CVE-2026-3071

Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model...

flair 安全漏洞

Flair is a very simple and advanced NLP framework developed by Flair OpenSource. There are security vulnerabilities in Flair versions 0.4.1 onwards. These vulnerabilities stem from the LanguageModel class’s ability to deserialize untrusted data, which may allow arbitrary code to be executed when...

PT-2026-22151

Name of the Vulnerable Software and Affected Versions Flair versions 0.4.1 through latest Description The deserialization of untrusted data in the LanguageModel class can lead to arbitrary code execution when loading a malicious model. Recommendations Versions prior to 0.4.1 are not affected. At...

EUVD-2019-6334

Malware in sbrugna...

EUVD-2019-6357

Malware in sbrugna...

EUVD-2024-3009

Malicious code in bioql PyPI...

Malicious code in @hopper-b2b/flair (npm)

The package @hopper-b2b/flair was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-8068 Malicious code in @hopper-b2b/flair (npm)

The package @hopper-b2b/flair was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

CVE-2019-15356

The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z1:8.1.0/O11019/1536680131:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system propert...

CVE-2019-15333

The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z1:8.1.0/O11019/1536680131:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the device to programmaticall...

flair code injection vulnerability

flair is a very simple state-of-the-art NLP framework open-sourced by flair. A code injection vulnerability exists in flair version 0.14.0, which stems from the function ClusteringModel in the file flairmodelsclustering.py that leads to code injection. No detailed vulnerability details are provid...

Flair allows arbitrary code execution

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

CVE-2024-10073

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

abraham3k (>=1.3.8 <=1.5.3), accutuning-helpers (>=1.0.32 <=1.0.33) +76 more potentially affected by CVE-2024-10073 via flair (>=0.10.0 <=0.9.0)

flair PYPI version =0.10.0, =1.3.8, =1.0.32, =0.0.1, =0.1.0, =0.0.6, =0.1.20, =0.1.0, =0.1.0, =0.0.1.1, =0.2.4, =0.1.1, =0.1.3 and more Source cves: CVE-2024-10073 Source advisory: SNYK:PYTHON-FLAIR-8230414...