CRITICAL 9.8 PyPI
GHSA-wcr3-gm9f-f87q · CVE-2026-31237 Ludwig framework is vulnerable to insecure deserialization through its predict() method.
Modified: 5/27/2026
package
PyPI / ludwig
pkg:pypi/ludwig
CRITICAL 9.8 PyPI
GHSA-xp5q-5q7g-q26r · CVE-2026-31238 Ludwig framework is vulnerable to insecure deserialization in its model serving component
Modified: 5/27/2026