High severity · 8.8 · NVD Advisory · Published May 12, 2026 · Updated May 15, 2026
CVE-2026-31222
Description
The snorkel library through v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the Trainer.load() method of the Trainer class. The method loads model checkpoint files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted model file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method.
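Added example (not code from snorkel, PyTorch, or this advisory): a static pre-load check that lists the globals a checkpoint's pickle stream would import, without deserializing it, and reports any outside an allowlist. It uses only the standard library; the allowlist, the function names, and both sample pickles are assumptions constructed for illustration.

```python
import collections
import io
import pickle
import pickletools
import zipfile

# Assumed allowlist for this example; a real one lists only what your checkpoints need.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}
_STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
_MEMO_OPS = {"MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"}


def pickle_streams(blob: bytes):
    """Yield (name, bytes) for each pickle stream in a raw or zip-format checkpoint."""
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for name in zf.namelist():
                if name.endswith(".pkl"):
                    yield name, zf.read(name)
    else:
        yield "<raw>", blob


def disallowed_globals(blob: bytes):
    """Return sorted (module, name) imports outside ALLOWED_GLOBALS, without unpickling."""
    found = set()
    for _, data in pickle_streams(blob):
        last_two = [None, None]  # args of the two most recent non-memo opcodes
        for op, arg, _pos in pickletools.genops(data):
            if op.name == "GLOBAL":
                found.add(tuple(arg.split(" ", 1)))
            elif op.name == "STACK_GLOBAL":
                ok = all(isinstance(s, str) for s in last_two)
                found.add(tuple(last_two) if ok else ("?", "?"))  # fail closed
            if op.name not in _MEMO_OPS:
                last_two = [last_two[1], arg if op.name in _STRING_OPS else None]
    return sorted(found - ALLOWED_GLOBALS)


# Constructed samples: one plain state-dict-like object, one that names an extra global.
BENIGN = pickle.dumps({"epoch": 3, "w": collections.OrderedDict(layer=[0.1, 0.2])})
SUSPECT = pickle.dumps({"epoch": 3, "hook": print})  # harmless stand-in for any callable

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, disallowed_globals(blob))
```

The scan complements loading with `torch.load(path, weights_only=True)` and does not replace it; an unresolved import is reported as `("?", "?")` so that it is treated as disallowed.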
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| snorkel (PyPI) | <= 0.10.0 | — |
Affected products
- (no CPE)
- cpe:2.3:a:snorkel:snorkel:*:*:*:*:*:*:*:* (range: <=0.10.0)
- (no CPE) (range: <=0.10.0)
References
- github.com/advisories/GHSA-78cp-f66x-qmh5 (source: ghsa; Advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-31222 (source: ghsa; Advisory)
- www.notion.so/CVE-2026-31222-35d1e139318881db8398e0732af8df6d (source: nvd; Third Party Advisory, Web)