CVE-2026-31217

CRITICAL

optimate - Remote Code Execution via Unsafe Model Directory Loading

Title source: llm

Description

The _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f (2024-07-21) allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from that directory and executes its contents directly using Python's exec() function. This design does not validate or sanitize the file's content, allowing an attacker who controls the input directory to execute arbitrary Python code in the context of the process running the script.

References (2)

Core 2

Core References

https://github.com/nebuly-ai/optimate

View Writeup ZIP pw:eip

https://www.notion.so/CVE-2026-31217-35d1e13931888179ae40dea5258d2db9

Scores

CVSS v3 9.8

EPSS 0.0043

EPSS Percentile 33.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-94

Status published

Products (1)

nebuly/optimate 2024-07-21

Published May 12, 2026

Tracked Since May 12, 2026