CVE-2026-31228
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk45th percentile — higher than 45% of all known CVEs
Summary
Adversarial Robustness Toolbox (ART) through version 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval() function to dynamically evaluate user-supplied strings for LossFn and Optimizer parameters without any sanitization, allowing an attacker to inject arbitrary Python code.
Risk Assessment
An attacker can fully compromise the system running the ART evaluation, leading to a breach of confidentiality, integrity, and availability of organizational data and infrastructure.
Recommendation
Immediately update the ART library to a version newer than 1.20.1 if available, or apply a workaround by disabling or replacing the eval() function with a safer input validation mechanism.
Original NVD description (English source)
The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval() function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters without any sanitization or security restrictions. An attacker can exploit this by providing a specially crafted string that contains arbitrary Python code, which will be executed when eval() is called, leading to complete compromise of the system running the ART evaluation.

