Impact
The Snorkel library, up to version 0.10.0, contains an insecure deserialization flaw in the MultitaskClassifier.load() method. The method calls torch.load() without the security-restrictive weights_only=True parameter, allowing the pickle module to instantiate arbitrary Python objects. A maliciously crafted model file can therefore trigger arbitrary code execution when it is loaded by an affected installation. This flaw aligns with CWE-502, Insecure Deserialization.
Affected Systems
Python applications that depend on the Snorkel library and invoke MultitaskClassifier.load() on model files are vulnerable. The issue exists specifically in the v0.10.0 release and any codebases that import and use this function without additional precautions. Systems running this library in an environment where model files can be supplied by external or untrusted sources are at risk.
Risk and Exploitability
The EPSS score for this vulnerability is not available, and it is not listed in the KEV catalog, but the nature of the flaw (arbitrary code execution via deserialization) constitutes a high severity risk. Based on the description, it is inferred that an attacker can trigger exploitation by ensuring a malicious model file is loaded through the vulnerable method, which may require the attacker to influence the file selection process or supply the file to a running application. No official CVE solution is provided, but the high impact warrants urgent action.
OpenCVE Enrichment