Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-31253

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-11 May, 2026 | 00:00
Updated At-12 May, 2026 | 19:32
Rejected At-
Credits

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 (2025-13-04) contains an insecure deserialization vulnerability (CWE-502) in its checkpoint loading mechanism. The load_checkpoint() function in checkpoint.py and the checkpoint loading code in eval.py use torch.load() without enabling the security-restrictive weights_only=True parameter. This allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing a maliciously crafted checkpoint file. When a victim loads this checkpoint during model warmstarting or evaluation, arbitrary code is executed on the victim's system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:11 May, 2026 | 00:00
Updated At:12 May, 2026 | 19:32
Rejected At:
▼CVE Numbering Authority (CNA)

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 (2025-13-04) contains an insecure deserialization vulnerability (CWE-502) in its checkpoint loading mechanism. The load_checkpoint() function in checkpoint.py and the checkpoint loading code in eval.py use torch.load() without enabling the security-restrictive weights_only=True parameter. This allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing a maliciously crafted checkpoint file. When a victim loads this checkpoint during model warmstarting or evaluation, arbitrary code is executed on the victim's system.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Dao-AILab/flash-attention
N/A
https://www.notion.so/CVE-2026-31253-35d1e1393188813f9e77e2038104bc49
N/A
Hyperlink: https://github.com/Dao-AILab/flash-attention
Resource: N/A
Hyperlink: https://www.notion.so/CVE-2026-31253-35d1e1393188813f9e77e2038104bc49
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-502CWE-502 Deserialization of Untrusted Data
CWECWE-94CWE-94 Improper Control of Generation of Code ('Code Injection')
Type: CWE
CWE ID: CWE-502
Description: CWE-502 Deserialization of Untrusted Data
Type: CWE
CWE ID: CWE-94
Description: CWE-94 Improper Control of Generation of Code ('Code Injection')
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 May, 2026 | 17:16
Updated At:12 May, 2026 | 20:16

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 (2025-13-04) contains an insecure deserialization vulnerability (CWE-502) in its checkpoint loading mechanism. The load_checkpoint() function in checkpoint.py and the checkpoint loading code in eval.py use torch.load() without enabling the security-restrictive weights_only=True parameter. This allows the deserialization of arbitrary Python objects via the pickle module. An attacker can exploit this by providing a maliciously crafted checkpoint file. When a victim loads this checkpoint during model warmstarting or evaluation, arbitrary code is executed on the victim's system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-94Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-502Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-94
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-502
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Dao-AILab/flash-attentioncve@mitre.org
N/A
https://www.notion.so/CVE-2026-31253-35d1e1393188813f9e77e2038104bc49cve@mitre.org
N/A
Hyperlink: https://github.com/Dao-AILab/flash-attention
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.notion.so/CVE-2026-31253-35d1e1393188813f9e77e2038104bc49
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

112Records found
CVE-2024-13738
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-1.35% / 80.30%
||
7 Day CHG~0.00%
Published-03 May, 2025 | 02:21
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Motors - Car Dealer, Rental & Listing WordPress theme <= 5.6.65 - Unauthenticated Arbitrary Shortcode Execution

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. *It is unclear exactly which version the issue was patched in from the changelog. Therefore, we used the latest version at the time of verification.

Action-Not Available
Vendor-StylemixThemes
Product-Motors - Car Dealer, Rental & Listing WordPress theme
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-1225
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.18% / 38.84%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 13:00
Updated-15 May, 2025 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QiboSoft QiboCMS X1 Pay.php rmb_pay deserialization

A vulnerability classified as critical was found in QiboSoft QiboCMS X1 up to 1.0.6. Affected by this vulnerability is the function rmb_pay of the file /application/index/controller/Pay.php. The manipulation of the argument callback_class leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252847. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-qibosoftQiboSoft
Product-qibocms_x1QiboCMS X1
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-11976
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-0.10% / 27.16%
||
7 Day CHG~0.00%
Published-23 Jan, 2026 | 06:45
Updated-08 Apr, 2026 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BuddyPress <= 14.3.3 - Unauthenticated Arbitrary Shortcode Execution

The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-buddypress
Product-BuddyPress
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-10263
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-2.19% / 84.57%
||
7 Day CHG~0.00%
Published-05 Nov, 2024 | 12:45
Updated-08 Apr, 2026 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tickera – WordPress Event Ticketing <= 3.5.4.4 - Unauthenticated Arbitrary Shortcode Execution

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-tickeratickeratickera
Product-tickeraTickera – Sell Tickets & Manage Eventstickera
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-1032
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.08% / 23.66%
||
7 Day CHG~0.00%
Published-30 Jan, 2024 | 13:31
Updated-27 Aug, 2024 | 20:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
openBI Test Connection Databasesource.php testConnection deserialization

A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252307.

Action-Not Available
Vendor-openbi_projectn/a
Product-openbiopenBI
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-10899
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-0.97% / 76.78%
||
7 Day CHG~0.00%
Published-20 Nov, 2024 | 06:42
Updated-08 Apr, 2026 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WooCommerce Product Table Lite <= 3.8.6 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting

The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. The same 'id' parameter is vulnerable to Reflected Cross-Site Scripting as well.

Action-Not Available
Vendor-wcproducttablewcproducttablewcproducttable
Product-woocommerce_product_tableProduct Table and List Builder for WooCommerce Litewoocommerce_product_table_lite
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-10261
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-1.23% / 79.40%
||
7 Day CHG~0.00%
Published-09 Nov, 2024 | 11:19
Updated-08 Apr, 2026 | 17:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution

The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.13.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-cozmoslabscozmoslabscozmoslabs
Product-membership_\&_content_restriction_-_paid_member_subscriptionsPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restrictionpaid_member_subscriptions
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-10958
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-55.66% / 98.11%
||
7 Day CHG~0.00%
Published-10 Nov, 2024 | 12:30
Updated-08 Apr, 2026 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Photo Album Plus <= 8.8.08.007 - Unauthenticated Arbitrary Shortcode Execution via getshortcodedrenderedfenodelay

The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-wppaopajaapopajaap
Product-wp_photo_album_plusWP Photo Album Pluswp_photo_album_plus
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-10086
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-1.24% / 79.45%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 20:10
Updated-04 Aug, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

Action-Not Available
Vendor-The Apache Software FoundationRed Hat, Inc.openSUSEFedora ProjectDebian GNU/LinuxOracle Corporation
Product-enterprise_linux_servercommunications_metasolv_solutionhospitality_reporting_and_analyticspeoplesoft_enterprise_peopletoolscommunications_billing_and_revenue_management_elastic_charging_enginecommunications_cloud_native_core_consolejd_edwards_enterpriseone_orchestratorenterprise_linux_server_auscommunications_network_integrityprimavera_gatewayretail_back_officeretail_central_officebanking_platformagile_plmretail_merchandising_systemcommunications_performance_intelligence_centercommunications_cloud_native_core_policyretail_point-of-servicepeoplesoft_enterprise_pt_peopletoolsblockchain_platformcommunications_cloud_native_core_unified_data_repositoryhealthcare_foundationservice_busenterprise_linux_workstationfedoracommunications_design_studiocustomer_management_and_segmentation_foundationenterprise_linux_euscommunications_evolved_communications_application_serverretail_price_managementcommunications_unified_inventory_managementapplication_testing_suiteenterprise_linux_desktopcommunications_convergencefusion_middlewareretail_advanced_inventory_planningretail_predictive_application_serverleapcommunications_billing_and_revenue_managemententerprise_manager_for_virtualizationsolaris_clusterflexcube_private_bankingretail_returns_managementnifiutilities_frameworkreal-time_decisions_solutionsfinancial_services_revenue_management_and_billing_analyticsretail_invoice_matchingdebian_linuxweblogic_servercommunications_pricing_design_centercommons_beanutilsretail_xstore_point_of_servicetime_and_laborhospitality_opera_5agile_product_lifecycle_management_integration_packenterprise_linux_server_tusinsurance_data_gatewayjboss_enterprise_application_platformjd_edwards_enterpriseone_toolsApache Commons Beanutils
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-0603
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.21% / 42.46%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 22:00
Updated-02 Jun, 2025 | 15:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZhiCms giftcontroller.php deserialization

A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250839.

Action-Not Available
Vendor-zhicmsn/a
Product-zhicmsZhiCms
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-0739
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.19% / 40.38%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 22:00
Updated-21 Oct, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hecheng Leadshop leadshop.php deserialization

A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-251562 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-leadshopHecheng
Product-leadshopLeadshop
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2023-29400
Matching Score-4
Assigner-Go Project
ShareView Details
Matching Score-4
Assigner-Go Project
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.66%
||
7 Day CHG~0.00%
Published-11 May, 2023 | 15:29
Updated-24 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper handling of empty HTML attributes in html/template

Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.

Action-Not Available
Vendor-Go standard libraryGo
Product-gohtml/template
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found