From e4880abf725b4c92c2c8aae7cdcc1485229e8393 Mon Sep 17 00:00:00 2001
From: "pensarapp[bot]" <182705637+pensarapp[bot]@users.noreply.github.com>
Date: Thu, 22 May 2025 08:32:14 +0000
Subject: [PATCH] Fix security issue: Unsafe Pickle Deserialization Enabling Remote Code Execution (CWE-502)
---
 cognee/infrastructure/engine/models/DataPoint.py | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/cognee/infrastructure/engine/models/DataPoint.py b/cognee/infrastructure/engine/models/DataPoint.py
index 986b13a0e..9658670dd 100644
--- a/cognee/infrastructure/engine/models/DataPoint.py
+++ b/cognee/infrastructure/engine/models/DataPoint.py
@@ -80,11 +80,7 @@ class DataPoint(BaseModel):
 """Serialize the instance to pickle-compatible bytes."""
 return pickle.dumps(self.dict())
- @classmethod
- def from_pickle(self, pickled_data: bytes):
- """Deserialize the instance from pickled bytes."""
- data = pickle.loads(pickled_data)
- return self(**data)
+ # The unsafe from_pickle method is removed due to security concerns (CWE-502).
 def to_dict(self, **kwargs) -> Dict[str, Any]:
 """Serialize model to a dictionary."""
@@ -93,4 +89,4 @@ class DataPoint(BaseModel):
 @classmethod
 def from_dict(cls, data: Dict[str, Any]) -> "DataPoint":
 """Deserialize model from a dictionary."""
- return cls.model_validate(data)
+ return cls.model_validate(data)
\ No newline at end of file
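Review bot: `to_pickle` is left in place in the context lines just above the removed method, so the class still emits pickle bytes while no longer offering a way to read them; any consumer of that output now has to call `pickle.loads` itself, which moves the CWE-502 exposure to call sites rather than removing it. Consider dropping or deprecating `to_pickle` in the same change and pointing callers at the `to_dict`/`from_dict` pair, which goes through `model_validate`. Removing a public classmethod is also a breaking change, so any remaining `from_pickle` callers (not visible in this patch) should be found and migrated. The tombstone comment would serve maintainers better as guidance, e.g. `# Round-trip via to_dict()/from_dict(); never pickle.loads() stored or received bytes.` The `to_pickle` definition starts outside the hunk, so only its docstring and return line are visible here.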