Description
The _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f (2024-07-21) allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from that directory and executes its contents directly using Python's exec() function. This design does not validate or sanitize the file's content, allowing an attacker who controls the input directory to execute arbitrary Python code in the context of the process running the script.
Published: 2026-05-12
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The _load_model() routine in the neural_magic_training.py script of the Optimate project accepts a directory path via the --model argument, reads a module.py file from that directory, and executes its contents using Python's exec() function without any validation or sanitization. This flaw, classified under CWE-94 – Unrestricted Code Execution, enables an attacker who controls the content of the specified directory to run arbitrary Python code within the process that executes the script, effectively granting full control over the environment executing the model training. The vulnerability allows an attacker to perform any action within the privileges of the running process, including data exfiltration, persistence, or further compromise of the host system.

Affected Systems

The vulnerability is present in the Optimate repository at commit a6d302f912b481c94370811af6b11402f51d377f dated 2024-07-21. No vendor or product list beyond this open‑source project is provided by the CNA data.

Risk and Exploitability

The EPSS score is below 1% and the issue is not listed in CISA's KEV catalog. With a CVSS score of 9.8, the weakness is high severity. It is essentially a local code‑execution vulnerability: an attacker must be able to influence the --model argument or the contents of the specified directory. The attack does not require network exposure or external services, and the impact scales with the privileges of the process running the script.

Generated by OpenCVE AI on May 13, 2026 at 18:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a patched commit or release that removes the unvalidated exec() call to address the CWE‑94 flaw.
  • If an update is unavailable, limit the --model parameter to directories containing only files signed or otherwise verified by your deployment process; implement a pre‑execution validation step such as hashing or signature checking to satisfy CWE‑94 mitigations by ensuring the module.py content has not been tampered with.
  • Run the Optimate script in a container or other isolated environment with the minimal privileges necessary to constrain the damage potential of any code executed via the vulnerable path, thereby limiting the impact of the CWE‑94 exploitation.

Generated by OpenCVE AI on May 13, 2026 at 18:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 26 May 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Nebuly
Nebuly optimate
CPEs cpe:2.3:a:nebuly:optimate:2024-07-21:*:*:*:*:*:*:*
Vendors & Products Nebuly
Nebuly optimate

Sun, 17 May 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Nebuly-ai
Nebuly-ai optimate
Vendors & Products Nebuly-ai
Nebuly-ai optimate

Wed, 13 May 2026 18:30:00 +0000

Type Values Removed Values Added
Title Arbitrary Code Execution via Unvalidated Exec in Optimate's load_model Function

Wed, 13 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 12 May 2026 18:15:00 +0000

Type Values Removed Values Added
Title Arbitrary Code Execution via Unvalidated Exec in Optimate's load_model Function
Weaknesses CWE-94

Tue, 12 May 2026 16:00:00 +0000

Type Values Removed Values Added
Description The _load_model() function in the neural_magic_training.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f (2024-07-21) allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from that directory and executes its contents directly using Python's exec() function. This design does not validate or sanitize the file's content, allowing an attacker who controls the input directory to execute arbitrary Python code in the context of the process running the script.
References

Subscriptions

Nebuly Optimate
Nebuly-ai Optimate
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-13T14:01:54.734Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31217

cve-icon Vulnrichment

Updated: 2026-05-13T14:01:47.108Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-12T16:16:13.600

Modified: 2026-05-26T16:25:31.127

Link: CVE-2026-31217

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-17T19:42:30Z

Weaknesses