Package impact

PIP / ludwig

CVE	Severity	CVSS	Risk	Flags	OS	Vendor	Published	Description
CVE-2026-31238	critical	9.8	9.8				16d ago	Ludwig framework is vulnerable to insecure deserialization in its model serving component
CVE-2026-31237	critical	9.8	9.8				16d ago	Ludwig framework is vulnerable to insecure deserialization through its predict() method.