GHSA-9wjg-4fhr-x4rwLowCVSS 5.3
A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to...
🔗 CVE IDs covered (1)
📋 Description
A vulnerability has been found in yashbhalgat HashNeRF-pytorch up to 82885e698295982504eb6a26d060a6b2473e3706. Affected by this issue is the function torch.load of the file run_nerf.py of the component Checkpoint File Handler. The manipulation of the argument ckpt_path leads to deserialization. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The pull request to fix this issue awaits acceptance.
🔗 References (9)
- https://nvd.nist.gov/vuln/detail/CVE-2026-15531
- https://github.com/yashbhalgat/HashNeRF-pytorch/issues/49
- https://github.com/yashbhalgat/HashNeRF-pytorch/pull/50
- https://github.com/yashbhalgat/HashNeRF-pytorch
- https://vuldb.com/cve/CVE-2026-15531
- https://vuldb.com/submit/854906
- https://vuldb.com/vuln/377874
- https://vuldb.com/vuln/377874/cti
- https://github.com/advisories/GHSA-9wjg-4fhr-x4rw