PT-2026-40063 · Pypi · Snorkel

Published

2026-05-12

·

Updated

2026-05-12

·

CVE-2026-31224

CVSS v3.1

8.8

High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: snorkel versions prior to 0.10.1

Description: Insecure deserialization occurs in the MultitaskClassifier.load() method of the MultitaskClassifier class. The method uses torch.load() to load model weight files without setting the weights_only=True parameter. Because torch.load() falls back to the Pickle module, which converts a byte stream back into Python objects, this allows arbitrary Python objects to be deserialized. A remote attacker can supply a maliciously crafted model file to achieve arbitrary code execution on the victim's system.

Recommendations: Update to a version later than 0.10.0. As a temporary workaround, restrict the loading of model files to trusted sources only.
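The following is an added example, not code from the advisory or from the Snorkel project: a stdlib-only static check that flags torch.load() calls which omit weights_only=True (or set it to something other than the literal True), so a code base can be audited for the pattern described above. The sample source it scans is constructed here and only resembles the affected load() method.

```python
# Added example: flag torch.load() calls that do not pass weights_only=True.
import ast


def _torch_names(tree):
    """Collect local names bound to the torch module and to torch.load."""
    modules, loads = {"torch"}, set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                if a.name == "torch":
                    modules.add(a.asname or "torch")
        elif isinstance(node, ast.ImportFrom) and node.module == "torch":
            for a in node.names:
                if a.name == "load":
                    loads.add(a.asname or "load")
    return modules, loads


def _is_torch_load(call, modules, loads):
    f = call.func
    if isinstance(f, ast.Attribute) and f.attr == "load":
        return isinstance(f.value, ast.Name) and f.value.id in modules
    return isinstance(f, ast.Name) and f.id in loads


def find_unsafe_torch_load(source):
    """Return sorted (line, reason) pairs for torch.load calls lacking weights_only=True."""
    tree = ast.parse(source)
    modules, loads = _torch_names(tree)
    findings = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and _is_torch_load(node, modules, loads)):
            continue
        kw = next((k for k in node.keywords if k.arg == "weights_only"), None)
        if kw is None:
            findings.append((node.lineno, "weights_only not set"))
        elif not (isinstance(kw.value, ast.Constant) and kw.value.value is True):
            findings.append((node.lineno, "weights_only is not the literal True"))
    return sorted(findings)


# Constructed sample: a vulnerable loader, a fixed one, and one that opts out.
SAMPLE = """\
import torch

def load_vulnerable(path):
    return torch.load(path)

def load_fixed(path):
    return torch.load(path, weights_only=True)

def load_disabled(path):
    return torch.load(path, weights_only=False)
"""

if __name__ == "__main__":
    for line, reason in find_unsafe_torch_load(SAMPLE):
        print(f"line {line}: {reason}")
```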

Fix

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

CVE-2026-31224
GHSA-GPX5-7XM4-229W

Affected Products

Snorkel