{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-31048", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-15T15:31:38.180Z", "dateReserved": "2026-03-09T00:00:00.000Z", "datePublished": "2026-04-13T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-13T18:59:05.727Z"}, "descriptions": [{"lang": "en", "value": "An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/irmen/Pyro3/blob/master/Pyro/protocol.py#L672-L711"}, {"url": "https://github.com/irmen/Pyro3/blob/master/docs/9-security.html#L341-L346"}, {"url": "https://github.com/Sif-0x01/security-advisories/security/advisories/GHSA-7625-w9h5-83rv"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T15:31:10.629403Z", "id": "CVE-2026-31048", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:31:38.180Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-31048", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T15:31:10.629403Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T15:31:31.970Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/irmen/Pyro3/blob/master/Pyro/protocol.py#L672-L711"}, {"url": "https://github.com/irmen/Pyro3/blob/master/docs/9-security.html#L341-L346"}, {"url": "https://github.com/Sif-0x01/security-advisories/security/advisories/GHSA-7625-w9h5-83rv"}], "descriptions": [{"lang": "en", "value": "An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-13T18:59:05.727Z"}}}, "cveMetadata": {"cveId": "CVE-2026-31048", "state": "PUBLISHED", "dateUpdated": "2026-04-15T15:31:38.180Z", "dateReserved": "2026-03-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-13T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message."}], "id": "CVE-2026-31048", "lastModified": "2026-04-17T15:38:09.243", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-13T20:16:33.410", "references": [{"source": "cve@mitre.org", "url": "https://github.com/Sif-0x01/security-advisories/security/advisories/GHSA-7625-w9h5-83rv"}, {"source": "cve@mitre.org", "url": "https://github.com/irmen/Pyro3/blob/master/Pyro/protocol.py#L672-L711"}, {"source": "cve@mitre.org", "url": "https://github.com/irmen/Pyro3/blob/master/docs/9-security.html#L341-L346"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.0.0,4.0.0)"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "pyro3", "vendor": "irmen"}], "analysis": {"en": {"generated_at": "2026-04-17T08:58:05.664668+00:00", "value": {"mitigation_remediation": ["Upgrade Pyro to a patched release that removes or secures the unsafe pickle usage", "Validate or reject pickled payloads before deserialization, or switch to a safer serialization format such as JSON or Protocol Buffers", "Restrict external access to Pyro endpoints with firewalls or network segmentation to limit exposure to untrusted clients", "Implement application\u2011level input validation to ensure only trusted sources can send pickled data"], "summary": {"action": "Patch immediately", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Pyro v3.x is an RPC framework for Python. Any deployment of Pyro v3.x that accepts pickled messages from untrusted sources is affected. The vulnerability exists in the pickle protocol handling implemented in the Pyro library, and all releases of Pyro v3.x are at risk until an update is released.", "description_and_impact": "An attacker can supply a maliciously crafted pickled string to Pyro v3.x, which the library deserializes using Python\u2019s pickle protocol without validation. Deserialization triggers execution of arbitrary code embedded in the payload, giving the attacker control over the target process and potentially compromising confidentiality, integrity, and availability. The vulnerability is a case of code injection through unsafe deserialization, classified as CWE\u201194.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 9.8, indicating critical severity. The current EPSS score is <1%, reflecting a low but nonzero probability of exploitation. It is not listed in the CISA KEV catalog. The attack vector is remote and requires only that a malicious pickled payload be sent to a Pyro service. Based on the description, it is inferred that deserialization may occur before any authentication, which could make exploitation straightforward if the Pyro service is exposed."}}}}, "created": "2026-04-14T16:21:45.684864+00:00", "title": "Arbitrary code execution via malicious pickle payload in Pyro v3.x", "updated": "2026-04-17T09:00:10.984805+00:00", "vendors": ["irmen", "irmen$PRODUCT$pyro3"]}