diff --git a/comfy_extras/nodes_dataset.py b/comfy_extras/nodes_dataset.py
index 98ed25d7e..6a64b2166 100644
--- a/comfy_extras/nodes_dataset.py
+++ b/comfy_extras/nodes_dataset.py
@@ -1450,7 +1450,13 @@ class LoadTrainingDataset(io.ComfyNode):
 @classmethod
 def execute(cls, folder_name):
 # Get dataset directory
- dataset_dir = os.path.join(folder_paths.get_output_directory(), folder_name)
+ output_dir = folder_paths.get_output_directory()
+ dataset_dir = os.path.join(output_dir, folder_name)
+ # Prevent path traversal (e.g. folder_name="../../etc")
+ real_output_dir = os.path.realpath(output_dir)
+ real_dataset_dir = os.path.realpath(dataset_dir)
+ if os.path.commonpath((real_output_dir, real_dataset_dir)) != real_output_dir:
+ raise ValueError(f"Invalid folder_name: path traversal detected")
 if not os.path.exists(dataset_dir):
 raise ValueError(f"Dataset directory not found: {dataset_dir}")
@@ -1477,7 +1483,7 @@ class LoadTrainingDataset(io.ComfyNode):
 shard_path = os.path.join(dataset_dir, shard_file)
 with open(shard_path, "rb") as f:
- shard_data = torch.load(f)
+ shard_data = torch.load(f, weights_only=True)
 all_latents.extend(shard_data["latents"])
 all_conditioning.extend(shard_data["conditioning"])
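Review bot: The containment check is made on `real_dataset_dir`, but the `os.path.exists(dataset_dir)` test right after it and the `os.path.join(dataset_dir, shard_file)` in the second hunk still use the unresolved `dataset_dir`, so the path that was validated is not the path that is opened. Adding `dataset_dir = real_dataset_dir` after the check keeps both on the same resolved path and narrows the window in which a symlink component could change between check and use. The new `raise ValueError(f"Invalid folder_name: path traversal detected")` carries an `f` prefix with no placeholders; a plain string literal is enough. `execute` continues past the end of this hunk, so any other uses of `dataset_dir` are not visible here.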
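Review bot: `shard_data["latents"]` and `shard_data["conditioning"]` are indexed without checking what was loaded; `weights_only=True` stops arbitrary object construction during unpickling, but a shard can still deserialize to any tensor or plain container, and a malformed one surfaces here as a bare `KeyError` or `TypeError`. A guard such as `if not isinstance(shard_data, dict) or not {"latents", "conditioning"} <= shard_data.keys(): raise ValueError(f"Malformed shard: {shard_file}")` would reject it with an error that names the file. The load line also deserves a comment, e.g. `# weights_only=True: shard files are pickle-based; restrict unpickling to tensors and plain containers`. Whether existing shards hold only types that `weights_only=True` accepts depends on the save path, which is outside this hunk and should be confirmed. The enclosing loop starts before the hunk.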