CVE-2026-15529

Summary

A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix this issue requires some minor changes.

Affected Software

VendorProductVersion RangeStatus
yzhao062pyod3.5.0affected
yzhao062pyod3.5.1affected
yzhao062pyod3.5.2affected

Weaknesses

  • CWE-502: Deserialization
  • CWE-20: Improper Input Validation

References