Bug 2476522 (CVE-2026-31228) - CVE-2026-31228 adversarial-robustness-toolbox: kubeflow: Adversarial Robustness Toolbox (ART) Kubeflow: Remote code execution via unsanitized user input
Summary: CVE-2026-31228 adversarial-robustness-toolbox: kubeflow: Adversarial Robustne...
Keywords:
Status: NEW
Alias: CVE-2026-31228
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2026-05-12 16:02 UTC by OSIDB Bzimport
Modified: 2026-06-22 20:58 UTC (History)
CC List: 2 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-05-12 16:02:16 UTC
The Adversarial Robustness Toolbox (ART) through 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models passes the user-supplied strings for the LossFn and Optimizer parameters to Python's eval() without any sanitization or restriction. An attacker who controls either parameter can supply a string containing arbitrary Python code, which runs when eval() is called, leading to complete compromise of the system running the ART evaluation.
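The pattern behind this class of bug, as an added illustration for this report (not code from ART or Kubeflow): a request parameter handed to eval() beside the allow-list resolution that removes the problem. `nn` and `optim` are constructed stand-ins for torch.nn and torch.optim so the example runs without PyTorch, and the function names (`resolve_unsafe`, `validate_config`, `build_from_config`) and the config keys are hypothetical.

```python
"""Vulnerable eval() parameter resolution beside an allow-list resolver.

Added illustration for this bug report; this is not code from ART or
Kubeflow. `nn` and `optim` are constructed stand-ins for torch.nn and
torch.optim, and every function name here is hypothetical.
"""
from types import SimpleNamespace


# Constructed stand-ins for the torch classes a robustness evaluation would
# instantiate (real code: torch.nn.CrossEntropyLoss, torch.optim.SGD, ...).
class CrossEntropyLoss:
    def __init__(self, reduction="mean"):
        self.reduction = reduction


class MSELoss:
    def __init__(self, reduction="mean"):
        self.reduction = reduction


class SGD:
    def __init__(self, params, lr=0.01, momentum=0.0):
        self.params, self.lr, self.momentum = list(params), lr, momentum


class Adam:
    def __init__(self, params, lr=0.001):
        self.params, self.lr = list(params), lr


nn = SimpleNamespace(CrossEntropyLoss=CrossEntropyLoss, MSELoss=MSELoss)
optim = SimpleNamespace(SGD=SGD, Adam=Adam)

# Module-level canary: a payload that appends here proves the string was
# executed as Python rather than merely looked up.
CANARY = []


def resolve_unsafe(expr):
    """The vulnerable pattern: a request parameter handed straight to eval().

    Even with an explicit globals dict, Python inserts __builtins__, so
    __import__ and every module behind it are reachable from the string.
    """
    return eval(expr, {"nn": nn, "optim": optim, "CANARY": CANARY})


# Hardened pattern: the parameter is a *name*, resolved through fixed tables.
# Nothing taken from the request is ever parsed or executed as code.
LOSSES = {"cross_entropy": CrossEntropyLoss, "mse": MSELoss}
OPTIMIZERS = {"sgd": SGD, "adam": Adam}
LOSS_KWARGS = {"reduction": {"mean", "sum", "none"}}  # kwarg -> permitted values
OPTIM_KWARGS = {"lr", "momentum"}                      # numeric and non-negative


def _mapping(cfg, key, errors):
    """Fetch an optional kwargs mapping, recording an error if it is not a dict."""
    val = cfg.get(key) or {}
    if not isinstance(val, dict):
        errors.append(f"{key} must be a mapping")
        return {}
    return val


def validate_config(cfg):
    """Return the reasons a config is rejected; an empty list means accepted."""
    errors = []
    loss = cfg.get("loss_fn")
    if not isinstance(loss, str) or loss not in LOSSES:
        errors.append(f"loss_fn {loss!r} is not an allow-listed loss name")
    for key, val in _mapping(cfg, "loss_kwargs", errors).items():
        if key not in LOSS_KWARGS or not isinstance(val, str) or val not in LOSS_KWARGS[key]:
            errors.append(f"loss_kwargs {key}={val!r} is not permitted")
    opt = cfg.get("optimizer")
    if not isinstance(opt, str) or opt not in OPTIMIZERS:
        errors.append(f"optimizer {opt!r} is not an allow-listed optimizer name")
    for key, val in _mapping(cfg, "optimizer_kwargs", errors).items():
        # bool is an int subclass; reject it explicitly along with strings, None, ...
        numeric = isinstance(val, (int, float)) and not isinstance(val, bool)
        if key not in OPTIM_KWARGS or not numeric or val < 0:
            errors.append(f"optimizer_kwargs {key}={val!r} is not permitted")
    return errors


def build_from_config(cfg, params):
    """Instantiate loss and optimizer from a validated, name-based config."""
    errors = validate_config(cfg)
    if errors:
        raise ValueError("; ".join(errors))
    loss = LOSSES[cfg["loss_fn"]](**(cfg.get("loss_kwargs") or {}))
    opt_kwargs = {k: float(v) for k, v in (cfg.get("optimizer_kwargs") or {}).items()}
    optimizer = OPTIMIZERS[cfg["optimizer"]](params, **opt_kwargs)
    return loss, optimizer


if __name__ == "__main__":
    # Benign input behaves the same on both paths ...
    print(type(resolve_unsafe("nn.CrossEntropyLoss()")).__name__)
    # ... but only the eval() path runs whatever the caller chose to send.
    resolve_unsafe("CANARY.append('executed')")
    print("canary:", CANARY)
    print("rejected:", validate_config({"loss_fn": "nn.CrossEntropyLoss()", "optimizer": "sgd"}))
```

The allow-list form also covers the case a restricted eval() does not: passing `{"__builtins__": {}}` as the globals dict is not a dependable mitigation, because object introspection from any reachable value still leads back to the interpreter's builtins. Accepting only keys of a fixed mapping, and type-checking each keyword argument separately, leaves no string for the interpreter to evaluate at all.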

