Vulnerability Details CVE-2026-31223
The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability (CWE-502) in the BaseLabeler.load() method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load() function on user-supplied file paths without any validation or security controls. Python's pickle module is inherently dangerous for deserializing untrusted data, as it can execute arbitrary code during the deserialization process. A remote attacker can exploit this by providing a maliciously crafted pickle file, leading to arbitrary code execution on the victim's system when the file is loaded via the vulnerable method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2026-31223
-
cpe:2.3:a:snorkel:snorkel:0.10.0
-
cpe:2.3:a:snorkel:snorkel:0.4
-
cpe:2.3:a:snorkel:snorkel:0.5
-
cpe:2.3:a:snorkel:snorkel:0.6
-
cpe:2.3:a:snorkel:snorkel:0.6.1
-
cpe:2.3:a:snorkel:snorkel:0.6.2
-
cpe:2.3:a:snorkel:snorkel:0.6.3
-
cpe:2.3:a:snorkel:snorkel:0.7.0
-
cpe:2.3:a:snorkel:snorkel:0.9.0
-
cpe:2.3:a:snorkel:snorkel:0.9.1
-
cpe:2.3:a:snorkel:snorkel:0.9.2
-
cpe:2.3:a:snorkel:snorkel:0.9.3
-
cpe:2.3:a:snorkel:snorkel:0.9.4
-
cpe:2.3:a:snorkel:snorkel:0.9.5
-
cpe:2.3:a:snorkel:snorkel:0.9.6
-
cpe:2.3:a:snorkel:snorkel:0.9.7
-
cpe:2.3:a:snorkel:snorkel:0.9.8
-
cpe:2.3:a:snorkel:snorkel:0.9.9