CVE-2026-31254
Code Injection in Flash-Attention Training Script
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: MITRE
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the flash-attention project's training script as of commit e724e2588cbe754beb97cf7c011b5e7e34119e62. The script registers Python's eval() function as a Hydra configuration resolver named eval. This means that configuration files can use the ${eval:...} syntax to execute arbitrary Python code.
An attacker can exploit this by supplying a malicious configuration file that contains harmful Python code. When the training script runs with this configuration, it will execute the attacker's code, leading to arbitrary code execution.
How can this vulnerability impact me?
This vulnerability can lead to arbitrary code execution on the system running the flash-attention training script. An attacker who provides a malicious configuration file can execute any Python code, potentially compromising the system, stealing data, modifying files, or disrupting operations.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid using untrusted or malicious configuration files with the flash-attention training script, as these can execute arbitrary Python code via the eval resolver.
Consider removing or disabling the registration of the Python eval() function as a Hydra configuration resolver to prevent execution of arbitrary code through the ${eval:...} syntax.
Ensure that only trusted users have access to modify or provide configuration files used by the training script.
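As an added example, not code from the flash-attention project or from this advisory, the following shows the two mitigations above in practice: an arithmetic-only resolver that can stand in for the raw eval() resolver, and a check that flags configuration lines using the ${eval:...} interpolation the advisory describes. It assumes configuration files are YAML text and that the resolver would be registered through OmegaConf's register_new_resolver; the sample config is constructed for the demonstration.

```python
import ast
import operator
import re

# Arithmetic-only evaluator intended to replace a resolver built on eval().
# Only numeric literals, unary/binary arithmetic and parentheses are accepted;
# names, attribute access and calls are rejected before anything executes.
_BIN_OPS = {
    ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
    ast.Div: operator.truediv, ast.FloorDiv: operator.floordiv, ast.Mod: operator.mod,
}
_UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}

def _eval_node(node: ast.AST):
    if isinstance(node, ast.Constant) and isinstance(node.value, (int, float)):
        return node.value
    if isinstance(node, ast.BinOp) and type(node.op) in _BIN_OPS:
        return _BIN_OPS[type(node.op)](_eval_node(node.left), _eval_node(node.right))
    if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
        return _UNARY_OPS[type(node.op)](_eval_node(node.operand))
    raise ValueError(f"disallowed expression element: {type(node).__name__}")

def safe_eval(expr: str):
    """Evaluate an arithmetic expression string without ever calling eval()."""
    tree = ast.parse(expr, mode="eval")  # raises SyntaxError on malformed input
    return _eval_node(tree.body)

def is_arithmetic_only(expr: str) -> bool:
    """True if safe_eval accepts expr (no names, calls or attribute access)."""
    try:
        safe_eval(expr)
        return True
    except (ValueError, SyntaxError, ZeroDivisionError):
        return False

# Matches the interpolation syntax the advisory describes: ${eval:...}
_EVAL_INTERP = re.compile(r"\$\{\s*eval\s*:")

def find_eval_interpolations(config_text: str) -> list:
    """Return 1-based line numbers of config lines that use ${eval:...}."""
    return [i for i, line in enumerate(config_text.splitlines(), 1)
            if _EVAL_INTERP.search(line)]

# Constructed sample config (not taken from the project) for the demo.
SAMPLE_CONFIG = "trainer:\n  max_steps: 1000\n  warmup_steps: ${eval:1000 // 10}\n" \
                "model:\n  d_model: 512\n  d_ff: ${eval:4 * 512}\n"

if __name__ == "__main__":
    print(find_eval_interpolations(SAMPLE_CONFIG))  # [3, 6]
    print(safe_eval("4 * 512"))  # 2048
    # With omegaconf installed, the hardened resolver would be registered as:
    # OmegaConf.register_new_resolver("eval", safe_eval)
```

Running the scanner over a repository's config directory before a training job lists every line that still relies on the eval resolver, which is what needs review before the registration is removed or replaced.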