NVD HIGH: CVE-2026-31223 — The snorkel library thru v0.10.0 contains a critical insecure deserialization vu...
The snorkel library thru v0.10.0 contains a critical insecure deserialization vulnerability (CWE-502) in the BaseLabeler.load() method of the BaseLabeler class. The method loads serialized labeler models using the unsafe pickle.load() function on user-supplied file paths without any validation or security controls. Python's pickle module is inherently dangerous for deserializing untrusted data, as
CVE-2026-31223