CVE Catalog

CVE-2026-31228

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.61%

45th percentile — higher than 45% of all known CVEs

Summary

Adversarial Robustness Toolbox (ART) through version 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval() function to dynamically evaluate user-supplied strings for LossFn and Optimizer parameters without any sanitization, allowing an attacker to inject arbitrary Python code.

Risk Assessment

An attacker can fully compromise the system running the ART evaluation, leading to a breach of confidentiality, integrity, and availability of organizational data and infrastructure.

Recommendation

Immediately update the ART library to a version newer than 1.20.1 if available, or apply a workaround by disabling or replacing the eval() function with a safer input validation mechanism.

Original NVD description (English source)

The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval() function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters without any sanitization or security restrictions. An attacker can exploit this by providing a specially crafted string that contains arbitrary Python code, which will be executed when eval() is called, leading to complete compromise of the system running the ART evaluation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS