๐Ÿ” CVE Alert

CVE-2026-15529

MEDIUM 6.3

yzhao062 pyod persistence.py pyod.utils.persistence.load deserialization

CVSS Score
6.3
EPSS Score
0.3%
EPSS Percentile
16th

A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix this issue requires some minor changes.

CWE CWE-502 CWE-20
Vendor yzhao062
Product pyod
Published Jul 13, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for yzhao062 pyod

Be the first to know when new medium vulnerabilities affecting yzhao062 pyod are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

yzhao062 / pyod
3.5.0 3.5.1 3.5.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/377872 vuldb.com: https://vuldb.com/vuln/377872/cti vuldb.com: https://vuldb.com/cve/CVE-2026-15529 vuldb.com: https://vuldb.com/submit/854559 github.com: https://github.com/yzhao062/pyod/issues/697 github.com: https://github.com/yzhao062/pyod/pull/698 github.com: https://github.com/yzhao062/pyod/

Credits

๐Ÿ” Dem0000000 (VulDB User) VulDB CNA Team