A vulnerability marked as critical has been reported in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization.

This vulnerability is identified as CVE-2026-15529. The attack can be initiated remotely. There is not any exploit available.

The pull request to fix this issue requires some minor changes.