PT-2026-57625 · Yashbhalgat · Hashnerf-Pytorch

Dem0000000

·

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-15531

CVSS v2.0

4.3

Medium

VectorAV:L/AC:L/Au:S/C:P/I:P/A:P
A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file run nerf.py of the component Checkpoint File Handler. The manipulation of the argument ckpt path leads to deserialization. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The pull request to fix this issue awaits acceptance.

Exploit

Fix

RCE

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15531

Affected Products

Hashnerf-Pytorch