VIR Vulnerability Intelligence Relay

Package impact

PIP / ludwig

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-31238 critical 9.8 9.8 16d ago Ludwig framework is vulnerable to insecure deserialization in its model serving component python
CVE-2026-31237 critical 9.8 9.8 16d ago Ludwig framework is vulnerable to insecure deserialization through its predict() method. python