CVE-2026-31214

Published: May 12, 2026

Modified: May 13, 2026

PUBLISHED

Description

The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/stas00/ml-engineering/blob/master/training/checkpoints/torch-checkpoint-shrink.py#L57

https://www.notion.so/CVE-2026-31214-35d1e1393188813fa40eef73c174cee5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31214

Description

Affected Products

References