CVE-2026-31239: The mamba language model framework through 2.2.6 is vulnerable to insecure deserialization (CWE-502) when loading pre-train
Summary
The mamba language model framework (versions up to 2.2.6) has a vulnerability in how it loads pre-trained models from HuggingFace Hub (a platform where AI models are shared). When loading a model, it calls torch.load() without the weights_only=True security parameter, so the pickle data inside the model file is deserialized without restriction and can carry code that runs during loading. An attacker could upload a compromised model to HuggingFace Hub, and when someone downloads and loads it, the attacker's code runs on that person's computer.
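An added example, not code from mamba or from this advisory: a triage check that lists the imports a checkpoint's pickle data would perform, using pickletools so nothing is deserialized. The allowlist, the sample archives and the function names are assumptions made for the illustration, and the check complements loading with weights_only=True rather than replacing it.

```python
import io, pickle, pickletools, zipfile
from collections import OrderedDict
from fractions import Fraction

# Assumed allowlist for this example. A real checkpoint also references
# torch tensor-rebuild helpers, which would need to be listed here.
ALLOWED = {("collections", "OrderedDict")}

def pickle_imports(data: bytes):
    """List (module, name) pairs a pickle stream would import, without unpickling it."""
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):
            found.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":
            # Heuristic: module and name are the two most recent string pushes.
            found.append(tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?"))
        elif isinstance(arg, str):
            strings.append(arg)
    return found

def scan_checkpoint(blob: bytes):
    """Return imports outside ALLOWED for a zip archive of .pkl entries or a bare pickle."""
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            streams = [zf.read(n) for n in zf.namelist() if n.endswith(".pkl")]
    else:
        streams = [blob]
    return sorted({imp for s in streams for imp in pickle_imports(s) if imp not in ALLOWED})

def make_sample(obj) -> bytes:
    """Constructed sample: a zip holding one data.pkl entry, as torch.save archives do."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(obj, protocol=2))
    return buf.getvalue()

CLEAN = make_sample(OrderedDict(weight=[0.1, 0.2]))
# Fraction is a harmless stand-in for any import the allowlist does not expect.
UNEXPECTED = make_sample(OrderedDict(weight=[0.1, 0.2], extra=Fraction(1, 3)))

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN), ("unexpected", UNEXPECTED)):
        hits = scan_checkpoint(blob)
        print(label, "->", hits or "only allowlisted imports")
```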
Vulnerability Details
EPSS: 0.0%
May 12, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-31239
First tracked: May 12, 2026 at 08:09 PM
Classified by LLM (prompt v3) · confidence: 95%