PT-2026-57625 · Yashbhalgat · Hashnerf-Pytorch
Dem0000000
·
Publicado
2026-07-13
·
Atualizado
2026-07-13
·
CVE-2026-15531
CVSS v2.0
4.3
Média
| Vetor | AV:L/AC:L/Au:S/C:P/I:P/A:P |
A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file run nerf.py of the component Checkpoint File Handler. The manipulation of the argument ckpt path leads to deserialization. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The pull request to fix this issue awaits acceptance.
Exploit
Correção
RCE
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Hashnerf-Pytorch