CVE 8.8 HIGH

CVE-2026-31222_CVE-2026-31222

May 15, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the Trainer.load() method of the Trainer class. The method loads model checkpoint files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the Pickle module. A remote attacker can exploit this by providing a maliciously crafted model file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method.

AI Analysis

Insecure deserialization vulnerability in the Trainer.load() method of the Trainer class, allowing arbitrary code execution via malicious model files

Basic Information

ID CVE-2026-31222

Source mitre

Published May 12, 2026 at 00:00

Modified May 15, 2026 at 18:05

Affected Product

Vendor snorkel-team

Product snorkel

Version v0.10.0

Affected Versions n/a n/a n/a

CWE Classification

CWE-502

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor snorkel-team

Product snorkel

Version v0.10.0

References

{
    "lastseen": "",
    "description": "The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in the Trainer.load() method of the Trainer class. The method loads model checkpoint files using torch.load() without enabling the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the Pickle module. A remote attacker can exploit this by providing a maliciously crafted model file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method.",
    "published": "2026-05-12T00:00:00.000Z",
    "modified": "2026-05-15T18:05:36.732Z",
    "type": "cve",
    "title": "CVE-2026-31222",
    "source": "mitre",
    "references": "https://github.com/snorkel-team/snorkel\nhttps://www.notion.so/CVE-2026-31222-35d1e139318881db8398e0732af8df6d",
    "id": "CVE-2026-31222",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "snorkel",
    "version": "v0.10.0",
    "vendor": "snorkel-team",
    "ai_description": "Insecure deserialization vulnerability in the Trainer.load() method of the Trainer class, allowing arbitrary code execution via malicious model files",
    "ai_severity": "High",
    "ai_vendor": "snorkel-team",
    "ai_product": "snorkel",
    "ai_version": "v0.10.0",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply