CVE 9.8 CRITICAL

CVE-2026-31238_CVE-2026-31238

May 14, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model serving component. When starting a model server with the ludwig serve command, the framework loads model weight files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing a maliciously crafted PyTorch model file, leading to arbitrary code execution on the system hosting the Ludwig model server.

AI Analysis

Insecure deserialization vulnerability in Ludwig framework's model serving component, allowing arbitrary code execution via malicious PyTorch model files.

Basic Information

ID CVE-2026-31238

Source mitre

Published May 12, 2026 at 00:00

Modified May 14, 2026 at 19:54

Affected Product

Vendor Ludwig AI

Product Ludwig

Version 0.10.4

Affected Versions n/a n/a n/a

CWE Classification

CWE-502

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Ludwig AI

Product Ludwig

Version 0.10.4

References

{
    "lastseen": "",
    "description": "The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) in its model serving component. When starting a model server with the ludwig serve command, the framework loads model weight files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing a maliciously crafted PyTorch model file, leading to arbitrary code execution on the system hosting the Ludwig model server.",
    "published": "2026-05-12T00:00:00.000Z",
    "modified": "2026-05-14T19:54:20.630Z",
    "type": "cve",
    "title": "CVE-2026-31238",
    "source": "mitre",
    "references": "https://github.com/ludwig-ai/ludwig\nhttps://www.notion.so/CVE-2026-31238-35d1e1393188819ea77ee98ca85a2878",
    "id": "CVE-2026-31238",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Ludwig",
    "version": "0.10.4",
    "vendor": "Ludwig AI",
    "ai_description": "Insecure deserialization vulnerability in Ludwig framework's model serving component, allowing arbitrary code execution via malicious PyTorch model files.",
    "ai_severity": "Critical",
    "ai_vendor": "Ludwig AI",
    "ai_product": "Ludwig",
    "ai_version": "0.10.4",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply