CVE-2026-26210

KTransformers · KTransformers

KTransformers contains an unsafe deserialization vulnerability in its ZMQ-based scheduler RPC server, allowing unauthenticated remote code execution via crafted pickle payloads.

Executive summary

An unsafe deserialization flaw in the KTransformers scheduler RPC server allows unauthenticated attackers to execute arbitrary code with the privileges of the service process.

Vulnerability

The application binds a ZMQ ROUTER socket to all interfaces without authentication and uses the insecure pickle.loads() function to deserialize incoming messages, permitting arbitrary code execution.

Business impact

With a CVSS score of 9.8, this vulnerability poses a severe threat to the host system. An attacker can achieve remote code execution (RCE) with the privileges of the KTransformers service, leading to total system compromise, data exfiltration, and potential persistence within the host environment.

Remediation

Immediate Action: Update KTransformers to the latest version. If immediate patching is not possible, restrict access to the ZMQ socket to authorized hosts using host-based firewalls or network access control lists.

Proactive Monitoring: Monitor network traffic for unauthorized connections to the ZMQ socket port and inspect logs for abnormal pickle-related error messages.

Compensating Controls: Ensure the application is running with the least privilege necessary and deploy network segmentation to isolate the KTransformers backend from untrusted segments.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

The reliance on insecure deserialization in an unauthenticated network service makes this a high-priority vulnerability. Users must update the software immediately and ensure that network-facing services are properly hardened against unauthorized access.