GHSA-75m9-98v2-hjpm
Suggest an improvement- Source
- https://github.com/advisories/GHSA-75m9-98v2-hjpm
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-75m9-98v2-hjpm/GHSA-75m9-98v2-hjpm.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-75m9-98v2-hjpm
- Aliases
-
- CVE-2026-31221
- Published
- 2026-05-12T18:30:38Z
- Modified
- 2026-05-18T20:33:53.412401Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- PyTorch Lightning load_from_checkpoint has an insecure checkpoint deserialization
- Details
-
PyTorch-Lightning versions 2.6.0 and earlier contain an insecure deserialization vulnerability (CWE-502) in the checkpoint loading mechanism. The LightningModule.loadfromcheckpoint() method, which is commonly used to load saved model states, internally calls torch.load() without setting the security-restrictive weights_only=True parameter. This default behavior allows the deserialization of arbitrary Python objects via the Pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution on the victim's system when the file is loaded.
- Database specific
{ "github_reviewed_at": "2026-05-18T20:24:38Z", "github_reviewed": true, "cwe_ids": [ "CWE-502" ], "nvd_published_at": "2026-05-12T16:16:14Z", "severity": "HIGH" }- References
Affected packages
PyPI / pytorch-lightning
Package
- Name
- pytorch-lightning
- View open source insights on deps.dev
- Purl
- pkg:pypi/pytorch-lightning
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected2.6.0
Affected versions
0.*
0.0.2
0.2
0.2.2
0.2.3
0.2.4
0.2.4.1
0.2.5
0.2.5.1
0.2.5.2
0.2.6
0.3
0.3.1
0.3.2
0.3.3
0.3.4
0.3.4.1
0.3.5
0.3.6
0.3.6.1
0.3.6.3
0.3.6.4
0.3.6.5
0.3.6.6
0.3.6.7
0.3.6.8
0.3.6.9
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.4.5
0.4.6
0.4.7
0.4.8
0.4.9
0.5.0
0.5.1
0.5.1.2
0.5.1.3
0.5.2
0.5.2.1
0.5.3
0.5.3.1
0.5.3.2
0.5.3.3
0.6.0
0.7.1
0.7.3
0.7.5
0.7.6
0.8.1
0.8.3
0.8.4
0.8.5
0.9.0
0.10.0
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.2.0rc0
1.2.0rc1
1.2.0rc2
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.2.10
1.3.0rc1
1.3.0rc2
1.3.0rc3
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.7.post0
1.3.8
1.4.0rc0
1.4.0rc1
1.4.0rc2
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.9
1.5.0rc0
1.5.0rc1
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.5.10
1.5.10.post0
1.6.0rc0
1.6.0rc1
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.5.post0
1.7.0rc0
1.7.0rc1
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.7.5
1.7.6
1.7.7
1.8.0rc0
1.8.0rc1
1.8.0rc2
1.8.0
1.8.0.post1
1.8.1
1.8.2
1.8.3
1.8.3.post0
1.8.3.post1
1.8.3.post2
1.8.4
1.8.4.post0
1.8.5
1.8.5.post0
1.8.6
1.9.0rc0
1.9.0
1.9.1
1.9.2
1.9.3
1.9.4
1.9.5
2.*
2.0.0rc0
2.0.0
2.0.1
2.0.1.post0
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.9.post0
2.1.0rc0
2.1.0rc1
2.1.0
2.1.1
2.1.2
2.1.3
2.1.4
2.2.0rc0
2.2.0
2.2.0.post0
2.2.1
2.2.2
2.2.3
2.2.4
2.2.5
2.3.0
2.3.1
2.3.2
2.3.3
2.4.0
2.5.0rc0
2.5.0
2.5.0.post0
2.5.1rc0
2.5.1rc1
2.5.1rc2
2.5.1
2.5.1.post0
2.5.2
2.5.3
2.5.4
2.5.5
2.5.6
2.6.0.dev0
2.6.0