NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-38950

Summary	An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load() with unrestricted deserialization.
Publication Date	June 2, 2026, 2:16 a.m.
Registration Date	June 2, 2026, 4:17 a.m.
Last Update	June 2, 2026, 3:09 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md	cve@mitre.org
2	https://github.com/esa/AnomalyMatch/pull/9	cve@mitre.org
3	https://imlabs.info/research/security_advisory_esa_anomaly_match_unsafe_deserialization_cve_2026_38950_ivan_markovic_052026.html	cve@mitre.org

Common Vulnerabilities List