CVE-2026-1839: Python Torch Load Without Weights Only
greprules fetch cve-2026-1839-python-torch-load-without-weights-only --engine opengrep
Description
torch.load() is called without weights_only=True inside the trainer's _load_rng_state method. By default, torch.load (on PyTorch < 2.6) deserializes via pickle and can execute arbitrary code from a malicious rng_state.pth checkpoint file. Wrapping the call in safe_globals() does NOT mitigate this on PyTorch < 2.6 because safe_globals() returns contextlib.nul
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided