Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable deserialization requiring low-privilege authentication; no scope change and limited C/I/A impact consistent with constrained deployment exposure.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix this issue requires some minor changes.
AnalysisAI
Unsafe deserialization in pyod 3.5.0-3.5.2 exposes the pyod.utils.persistence.load function to remote exploitation by authenticated low-privilege users who can manipulate the path argument. Rooted in CWE-502 (Deserialization of Untrusted Data), the flaw allows a crafted serialized payload supplied via the path parameter to be deserialized without adequate validation, potentially yielding code execution or data manipulation within the running process. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that the attacker holds low-privilege authenticated access (confirmed by CVSS PR:L) to a system or application that invokes `pyod.utils.persistence.load` with a `path` argument the attacker can influence. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L) yields a score of 5.3, indicating moderate severity. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated user with low-privilege access to an application that wraps `pyod.utils.persistence.load` stages a crafted malicious pickle file on an attacker-controlled path - either uploaded to the target host or accessible via a file path the application will follow - and then triggers a model-load operation with the manipulated path argument. When pyod deserializes the file, the embedded malicious Python object executes arbitrary code in the context of the application's process. … |
| Remediation | The primary remediation is to apply the upstream patch from GitHub pull request #698 (https://github.com/yzhao062/pyod/pull/698) once a tagged release incorporating the fix is published to PyPI; no formally versioned patched release has been independently confirmed at time of analysis, so monitor the pyod releases page and PyPI listing for an update. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-502 – Deserialization of Untrusted Data
View allSame technique Deserialization
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43275
GHSA-997v-r4v7-9f3g