VYPR

AnomalyMatch

by ESA

CVEs (1)

  • CVE-2026-38950HigJun 1, 2026
    ESA
    AnomalyMatch
    risk 0.44cvss 7.8epss

    An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load() with unrestricted deserialization.