308 matches found
2026.2 IPU - Intel® Processor Firmware Advisory
Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35979 Description: Exposure of sensitive information caused by shared...
CVE-2026-41486
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
CVE-2026-41486
Ray contains a remote code execution flaw (CVE-2026-41486) observed in Ray 2.49.0–2.54.0 where PyArrow reads Parquet extension types in metadata and Ray passes the bytes to cloudpickle.loads() during schema parsing, enabling arbitrary code execution before any row data is read. The issue affects ...
EUVD-2026-28828
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
CVE-2026-41486 Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
CVE-2026-41486 Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
CVE-2026-41486
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
actix-web-opentelemetry (>=0.2.0 <=0.17.0), alopex-dataframe (=0.2.0) +197 more potentially affected by CVE-2026-43868 via thrift (>=0.0.4 <=0.17.0)
thrift CARGO version =0.0.4, =0.2.0, =0.3.0, =0.3.5, =0.3.5, =0.2.0, =0.7.0, =0.1.0, =0.1.0, =0.32.1, =0.2.1, =0.5.0 and more Source cves: CVE-2026-43868 Source advisory: OSV:GHSA-2F9F-GQ7V-9H6M...
GHSA-MW35-8RX3-XF9R Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls arrowextdeserialize on the field's metadata bytes. Ray's...
Deserialization of Untrusted Data
Overview ray is an A system for parallel and distributed Python that unifies the ML ecosystem. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the deserialization of Parquet Arrow extension type metadata via the cloudpickle.loads function. An attacker can...
Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls arrowextdeserialize on the field's metadata bytes. Ray's...
PT-2026-37117
Name of the Vulnerable Software and Affected Versions Ray versions 2.49.0 through 2.54.0 Description Ray Data registers custom Arrow extension types ray.data.arrow tensor, ray.data.arrow tensor v2, and ray.data.arrow variable shaped tensor globally in PyArrow. When PyArrow reads a Parquet file...
parse-server has cloud function validator bypass via prototype chain traversal
Impact An attacker can bypass Cloud Function validator access controls by appending .prototype.constructor to the function name in the URL. When a Cloud Function handler is declared using the function keyword and its validator is a plain object or arrow function, the trigger store traversal...
OSV-2026-417 Segv on unknown address in arrow::Array::IsNull
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=493063924 Crash type: Segv on unknown address Crash state: arrow::Array::IsNull arrow::Status arrow::VisitArrayInline arrow::ArrayPrinter::Print...
CVE-2026-28783
Craft is a content management system CMS. Prior to 5.9.0-beta.1 and 4.17.0-beta.1, Craft CMS implements a blocklist to prevent potentially dangerous PHP functions from being called via Twig non-Closure arrow functions. In order to be able to successfully execute this attack, you need to either ha...
CVE-2026-28783
Craft is a content management system CMS. Prior to 5.9.0-beta.1 and 4.17.0-beta.1, Craft CMS implements a blocklist to prevent potentially dangerous PHP functions from being called via Twig non-Closure arrow functions. In order to be able to successfully execute this attack, you need to either ha...
CVE-2026-28783 Craft has a Twig Function Blocklist Bypass
Craft is a content management system CMS. Prior to 5.9.0-beta.1 and 4.17.0-beta.1, Craft CMS implements a blocklist to prevent potentially dangerous PHP functions from being called via Twig non-Closure arrow functions. In order to be able to successfully execute this attack, you need to either ha...
CVE-2026-28783
CVE-2026-28783 affects Craft CMS (Craft CMS core) where a blocklist of potentially dangerous PHP functions is bypassable via Twig non-Closure arrow functions. Affected versions are prior to 5.9.0-beta.1 and 4.17.0-beta.1. Successful exploitation requires attacker permissions (production allowAdmi...
SUSE CVE-2026-25087
Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...
CVE-2026-25087
Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...