CVE-2026-44484

CRITICAL SEVERITY

Vulnerability Description

PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism.

Vulnerability Details

Published Date

May 07, 2026

Last Modified

May 14, 2026

CWE ID

CWE-506

Source

GitHub

Vendor

pip

Product

pytorch-lightning

External References

https://github.com/Lightning-AI/pytorch-lightning/security/advisories/GHSA-w37p-236h-pfx3
https://github.com/advisories/GHSA-w37p-236h-pfx3

CVE-2026-44484

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment