Lucene search
K

4 matches found

EUVD
EUVD
added 2026/04/24 12:31 a.m.8 views

EUVD-2026-25305

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balanceserve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads without validation. Attackers can...

9.8CVSS6.2AI score0.00703EPSS
Exploits1References4
NVD
NVD
added 2026/04/23 10:16 p.m.8 views

CVE-2026-26210

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balanceserve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads without validation. Attackers can...

9.8CVSS0.00703EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/23 9:24 p.m.30 views

CVE-2026-26210 KTransformers Unsafe Deserialization RCE via balance_serve

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balanceserve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads without validation. Attackers can...

9.8CVSS0.00703EPSS
Exploits1References3
CVE
CVE
added 2026/04/23 9:24 p.m.16 views

CVE-2026-26210

KTransformers (versions up to 0.5.3) contains an unsafe deserialization vulnerability in the balance_serve backend. The scheduler RPC server binds a ZMQ ROUTER socket to all interfaces without authentication and deserializes incoming messages with pickle.loads() without validation, enabling an at...

9.8CVSS6.2AI score0.00703EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder