CVE-2026-31237
CriticalSummary
The Ludwig framework up to version 0.10.4 is vulnerable to insecure deserialization through its predict() method. This allows a remote attacker to execute arbitrary code on the system if a maliciously crafted pickle file is provided.
Risk Assessment
This vulnerability poses a serious risk to organizations as it allows for remote code execution, potentially leading to system compromise.
Recommendation
It is recommended to update the Ludwig framework to the latest version and to avoid using pickle files in the predict() method without proper security measures.
Original NVD description (English source)
The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization (CWE-502) through its predict() method. When a user provides a dataset file path to the predict() method, the framework automatically determines the file format. If the file is a pickle (.pkl) file, it is loaded using pandas.read_pickle() without any validation or security restrictions. This allows the deserialization of arbitrary Python objects via the unsafe pickle module. A remote attacker can exploit this by providing a maliciously crafted pickle file, leading to arbitrary code execution on the system running the Ludwig prediction.

