Cyber Posture

CVE-2026-31214

CriticalRCE

Published: 12 May 2026

Published
12 May 2026
Modified
13 May 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0039 60.2th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-31214 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Notion (inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 39.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Deep Learning Frameworks; in the Supply Chain and Deployment risk domain.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

CA-8 Penetration Testing
addresses: CWE-502

Penetration testing supplies malicious serialized objects, detecting unsafe deserialization and supporting corrective actions.

SA-11 Developer Testing and Evaluation
addresses: CWE-502

Evaluation of untrusted data handling (deserialization testing) reveals unsafe processing, which the required remediation process addresses.

SC-44 Detonation Chambers
addresses: CWE-502

Untrusted serialized data can be deserialized and observed inside the chamber, blocking gadget-chain exploitation outside the sandbox.

SI-10 Information Input Validation
addresses: CWE-502

Validates or rejects untrusted serialized data before deserialization occurs.

SI-3 Malicious Code Protection
addresses: CWE-502

Identifies and blocks malicious code introduced through deserialization of untrusted data at system boundaries.

SI-7 Software, Firmware, and Information Integrity
addresses: CWE-502

Integrity verification of serialized information can detect tampering before deserialization occurs.

SR-4 Provenance
addresses: CWE-502

Provenance of associated data allows detection of untrusted sources before deserialization or processing occurs.

NVD Description

The torch-checkpoint-shrink.py script in the ml-engineering project in commit 0099885db36a8f06556efe1faf552518852cb1e0 (2025-20-27) contains an insecure deserialization vulnerability (CWE-502). The script uses torch.load() to process PyTorch checkpoint files (.pt) without enabling the security-restrictive weights_only=True parameter. This oversight allows the deserialization of arbitrary…

more

Python objects via the pickle module. A remote attacker can exploit this by providing a maliciously crafted checkpoint file, leading to arbitrary code execution in the context of the user running the script.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s)
CWE-502

Affected Products

Notion
inferred from references and description; NVD did not file a CPE for this CVE

AI Security AnalysisAI

AI Category
Deep Learning Frameworks
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ml, pytorch

References