Lucene search
K

59 matches found

CVE
CVE
added last week27 views

CVE-2026-54499

CVE-2026-54499 affects Stanza prior to 1.12.2, where model loading uses torch.load(..., weights_only=True) and on an attacker-controllable pickle.UnpicklingError falls back to weights_only=False, enabling arbitrary pickle code execution when loading a malicious .pt pretrain/file. The vulnerabilit...

7.5CVSS6.3AI score0.00317EPSS
Exploits1References4Affected Software1
OSV
OSV
added last week3 views

CVE-2026-54499 Stanza: Remote Code Execution via Unsafe Pickle Deserialization in Model Loaders

Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Prior to 1.12.2, Stanza model loaders such as stanza.models.common.pretrain.Pretrain.load attempt torch.load..., weightsonly=True but fall back to torch.load...,...

7.5CVSS6.3AI score0.00317EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:23 a.m.9 views

CVE-2025-71369

picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote attackers can embed undetected malicious code in pickle files that executes during deserialization,...

8.1CVSS6.3AI score0.00445EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-545 OpenStack Object Storage (swift) Code Injection vulnerability

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

9.8CVSS7.7AI score0.06518EPSS
Exploits0References19
EUVD
EUVD
added 2026/06/20 3:24 p.m.10 views

EUVD-2026-38123

picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to create arbitrary zero-byte files via logging.FileHandler class instantiation. Attackers can exploit this by crafting malicious pickle payloads to bypass RCE blocklists and create...

6.9CVSS6AI score0.00288EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/20 3:24 p.m.6 views

CVE-2026-56304

picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to create arbitrary zero-byte files via logging.FileHandler class instantiation. Attackers can exploit this by crafting malicious pickle payloads to bypass RCE blocklists and create...

6.9CVSS6AI score0.00288EPSS
Exploits1References3
CVE
CVE
added 2026/06/20 3:24 p.m.42 views

CVE-2026-56304

CVE-2026-56304 affects picklescan versions before 1.0.1. The flaw is an unsafe pickle deserialization through the logging.FileHandler class, allowing unauthenticated attackers to craft malicious pickle payloads to create arbitrary zero-byte files. This can bypass RCE blocklists and lead to filesy...

6.9CVSS6AI score0.00288EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/06/17 3:5 p.m.10 views

EUVD-2026-37738

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS5.6AI score0.00509EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 3:5 p.m.2 views

CVE-2026-53872 picklescan - Arbitrary File Read via Unsafe Pickle Deserialization

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS6AI score0.00509EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/17 3:5 p.m.23 views

CVE-2026-53872 picklescan - Arbitrary File Read via Unsafe Pickle Deserialization

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS0.00509EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 2:29 p.m.3 views

CVE-2026-10042 manga-image-translator RCE via Unsafe Pickle Deserialization in Share Model

manga-image-translator contains a remote code execution vulnerability in the shared API server mode due to unsafe deserialization of untrusted pickle data in the share.py module, where the /execute/methodname and /simpleexecute/methodname endpoints deserialize attacker-controlled HTTP request...

9.2CVSS6.9AI score0.00622EPSS
Exploits0References6
CVE
CVE
added 2026/05/29 2:29 p.m.31 views

CVE-2026-10042

The CVE-2026-10042 issue affects manga-image-translator, specifically the share.py module of the shared API server. It enables remote code execution through unsafe deserialization of attacker-controlled pickle data in the /execute/{method_name} and /simple_execute/{method_name} endpoints, which c...

9.8CVSS6.7AI score0.00622EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.11 views

CVE-2026-31223

The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability CWE-502 in the BaseLabeler.load method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load function on user-supplied file paths without any validation or...

8.8CVSS6.5AI score0.00392EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.12 views

EUVD-2026-29507

The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability CWE-502 in the BaseLabeler.load method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load function on user-supplied file paths without any validation or...

6.5AI score0.00392EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/12 5:22 p.m.12 views

Deserialization of Untrusted Data

Overview lightning is a Deep Learning framework to train, deploy, and ship AI products Lightning fast. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the LightningModule.loadfromcheckpoint function. Any workflow that calls this function on an untrusted...

9.8CVSS6.2AI score0.00385EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Snorkel 安全漏洞

Snorkel is an open-source system developed by Snorkel that uses weak supervision to quickly generate training data. Versions of Snorkel prior to v0.10.0 contain security vulnerabilities. These vulnerabilities stem from the BaseLabeler class’s BaseLabeler.load method, which uses the unsafe...

8.8CVSS6.1AI score0.00392EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/04/28 11:18 a.m.15 views

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 CVSS score: 9.3,...

9.3CVSS7.4AI score0.15547EPSS
Exploits1
EUVD
EUVD
added 2026/04/23 9:31 p.m.15 views

EUVD-2026-25292

LeRobot contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable attacker can achie...

9.3CVSS6.4AI score0.15547EPSS
Exploits1References6
NVD
NVD
added 2026/04/23 4:16 p.m.12 views

CVE-2025-62373

Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Versions 0.0.41 through 0.0.93 have a vulnerability in LivekitFrameSerializer – an optional, non-default, undocumented frame serializer class now deprecated intended for LiveKit...

9.8CVSS0.00701EPSS
Exploits1References1
OSV
OSV
added 2026/04/23 2:40 p.m.3 views

CVE-2025-62373 Pipecat vulnerable to Remote Code Execution by Pickle Deserialization via LivekitFrameSerializer

Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Versions 0.0.41 through 0.0.93 have a vulnerability in LivekitFrameSerializer – an optional, non-default, undocumented frame serializer class now deprecated intended for LiveKit...

9.8CVSS6.9AI score0.00701EPSS
Exploits1References3
Rows per page
Query Builder