Remote Code Execution Vulnerability in AI Tensor Engine for ROCm
CVE-2026-49121

9.2 CRITICAL

Key Information:

Vendor

Rocm

Status
Vendor
CVE Published: 1 June 2026

What is CVE-2026-49121?

The AI Tensor Engine for ROCm (AITER) is susceptible to an unauthenticated remote code execution vulnerability present in the MessageQueue.recv() function. This flaw enables attackers to send harmful pickle payloads to a ZMQ SUB socket, bypassing authentication and validation mechanisms. When attackers exploit this vulnerability, they can execute arbitrary code on every remote reader worker simultaneously by reaching the writer XPUB endpoint on the cluster network or using a forged Handle with a controlled remote_subscribe_addr. Immediate action is recommended to mitigate potential risks.
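
The general mitigation pattern for this class of flaw, where bytes from a pub/sub socket reach pickle unchecked, is sketched below as an added example. It is not AITER's code and not the vendor's fix. The names seal, open_frame and NoGlobalsUnpickler are hypothetical, and it assumes writer and readers share a secret key distributed out of band and exchange only plain data types.

```python
import hashlib
import hmac
import io
import pickle

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


class NoGlobalsUnpickler(pickle.Unpickler):
    """Plain data (dict, list, str, int, bytes...) needs no global lookups,
    so refusing all of them blocks pickles that import callables."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def seal(key: bytes, obj) -> bytes:
    """Writer side: serialize, then prepend an HMAC tag over the bytes."""
    body = pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL)
    return hmac.new(key, body, hashlib.sha256).digest() + body


def open_frame(key: bytes, frame: bytes):
    """Reader side: verify the tag first; only then hand bytes to pickle."""
    if len(frame) < TAG_LEN:
        raise ValueError("frame shorter than MAC tag")
    tag, body = frame[:TAG_LEN], frame[TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed; frame dropped before unpickling")
    return NoGlobalsUnpickler(io.BytesIO(body)).load()


if __name__ == "__main__":
    key = b"\x11" * 32  # constructed sample key (assumption: shared out of band)
    frame = seal(key, {"step": 7, "tokens": [1, 2, 3]})  # constructed message
    print(open_frame(key, frame))
    try:
        open_frame(key, b"\x00" * TAG_LEN + frame[TAG_LEN:])  # unauthenticated frame
    except ValueError as exc:
        print("rejected:", exc)
```

The MAC check does not stop replay of previously valid frames; a per-message counter inside the authenticated body would be needed for that.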

Affected Version(s)

aiter 0 <= 0.1.14

CVSS V4

Score: 9.2
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

YU SUN