2 matches found
CVE-2026-54499
A flaw was found in Stanza, a Stanford NLP Python library. Stanza model loaders, such as stanza.models.common.pretrain.Pretrain.load, attempt to safely load PyTorch checkpoint files. However, if this safe load fails due to an attacker-controllable pickle.UnpicklingError, the loaders fall back to ...
PT-2026-51062
Name of the Vulnerable Software and Affected Versions Stanza version 1.12.0 Description An issue exists where the software attempts to load PyTorch checkpoint files using a safe method but automatically falls back to an unsafe deserialization process when a pickle.UnpicklingError occurs. Because...