CVE-2026-12191

CVE-2026-12191 affects Comma AI Openpilot 0.11. The issue is a deserialization vulnerability in the pickle.loads/pickle.load usage inside selfdrive/modeld/modeld.py (Pickle Module). Exploitation requires local access. The CVSS metrics indicate high impact (confidentiality, integrity, availability...