PT-2026-57616 · Yzhao062 · Pyod

Dem0000000

·

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-15529

CVSS v2.0

6.5

Medium

VectorAV:N/AC:L/Au:S/C:P/I:P/A:P
A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix this issue requires some minor changes.

Fix

RCE

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15529

Affected Products

Pyod