CVE-2026-31217
The CVE-2026-31217 entry concerns the optimate project’s neural_magic_training.py _load_model() function. If a user supplies a directory via --model, it reads module.py from that directory and executes its contents with Python's exec() without validation or sanitization. This enables an attacker ...