CVE-2026-31214 · CRITICAL 9.8 · EPSS percentile 38.0%

Description

The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script.
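As an added defender-side example (not code from the ml-engineering project or from this record), the check below inspects a zip-format .pt file without loading it: it disassembles the embedded pickle with the standard library's pickletools and lists every global the stream would import, so a checkpoint from an untrusted source can be rejected before torch.load() ever runs. The allowlist, the archive layout (archive/data.pkl) and the sample checkpoints are assumptions constructed for the demo; the mitigation the description names, passing weights_only=True to torch.load(), still applies to the load itself.

```python
import io
import pickle
import pickletools
import zipfile
from collections import OrderedDict
from datetime import date
# Globals a plain tensor state_dict needs (illustrative subset; a real allowlist is longer).
ALLOWED_GLOBALS = {"collections.OrderedDict", "torch._utils._rebuild_tensor_v2",
                   "torch._utils._rebuild_parameter", "torch.FloatStorage", "torch.HalfStorage"}
STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}

def pickle_globals(data: bytes) -> set[str]:
    """Every module.name the stream would import, found by disassembly, never by executing it."""
    found, strings, memo, last = set(), [], {}, None
    for op, arg, _ in pickletools.genops(data):
        pushed = arg if op.name in STRING_OPS else None
        if op.name in ("GET", "BINGET", "LONG_BINGET"):    # re-push of a memoized object
            pushed = memo.get(arg)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = last
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif op.name == "GLOBAL":                          # protocol <= 3: arg is "module name"
            found.add(arg.replace(" ", ".", 1))
        elif op.name == "STACK_GLOBAL":                    # protocol 4: module, name are the top two strings
            found.add(f"{strings[-2]}.{strings[-1]}" if len(strings) >= 2 else "<malformed STACK_GLOBAL>")
        if isinstance(pushed, str):
            strings.append(pushed)
        last = pushed
    return found

def disallowed_globals(pt_bytes: bytes) -> set[str]:
    """Open a zip-format .pt file and report globals in its data.pkl that are outside the allowlist."""
    bad: set[str] = set()
    with zipfile.ZipFile(io.BytesIO(pt_bytes)) as zf:
        for name in zf.namelist():
            if name.endswith("/data.pkl"):
                bad |= pickle_globals(zf.read(name)) - ALLOWED_GLOBALS
    return bad

def make_checkpoint(obj, protocol=2) -> bytes:
    """Constructed stand-in for a torch.save() archive (a zip holding archive/data.pkl), not torch output."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(obj, protocol=protocol))
    return buf.getvalue()
# Constructed samples: a state_dict-like OrderedDict passes; a pickle that would import datetime.date is flagged.
CLEAN_CKPT = make_checkpoint(OrderedDict(step=100, lr=1e-3))
FLAGGED_CKPT = make_checkpoint({"saved_on": date(2026, 5, 12)}, protocol=4)
```

Any name outside the allowlist, or a stream that pickletools cannot disassemble, is a reason to reject the file rather than load it.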

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.49% probability of exploitation · percentile 38.0% · as of 2026-06-18T12:00:27Z
Published: 2026-05-12
Last modified: 2026-05-13

Underlying weaknesses (1)

CWE-502

References

  1. https://github.com/stas00/ml-engineering/blob/master/training/checkpoints/torch-checkpoint-shrink.py#L57
  2. https://www.notion.so/CVE-2026-31214-35d1e1393188813fa40eef73c174cee5

Type      Target                                       Confidence  Tier
Weakness  Deserialization of Untrusted Data (cwe-502)  0%          live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-31218
  2. CVE-2026-38950
  3. CVE-2026-31222
  4. CVE-2026-24747
  5. CVE-2026-31219
  6. CVE-2026-31224

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.