Remote Code Execution Vulnerability in Ray WebDataset Reader
CVE-2026-57516

8.6 HIGH

Key Information:

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-57516?

Ray versions prior to 2.56.0 are affected by an unsafe deserialization vulnerability in the WebDataset reader. An attacker can exploit the flaw by supplying a crafted tar archive to the read_webdataset() function, leading to remote code execution. The root cause is the _default_decoder() function in webdataset_datasource.py, which selects a decoder purely by file extension and calls pickle.loads() on .pkl/.pickle entries and torch.load() on .pt/.pth entries without any validation. Because both loaders execute code embedded in the serialized data, arbitrary code runs inside every Ray remote worker that processes the malicious archive, posing a significant security risk.
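The defensive pattern implied by the description, as an added example rather than Ray's own code: a WebDataset-style reader that dispatches on file extension but refuses the code-executing formats (.pkl, .pickle, .pt, .pth) instead of handing them to pickle.loads()/torch.load(), plus a pre-ingest audit that lists such entries in an archive. All names (safe_decode, audit_archive, read_samples, UNSAFE_EXTENSIONS) and the in-memory sample archive are hypothetical and constructed for this example; they do not reflect how the fixed Ray release actually implements its decoder.

```python
import io
import json
import pickle
import tarfile

# Extensions whose loaders execute code embedded in the data. A hardened
# reader must never pass untrusted bytes from an archive to pickle.loads()
# or torch.load(); it should refuse these entries outright.
UNSAFE_EXTENSIONS = frozenset({"pkl", "pickle", "pt", "pth"})

# Extensions decoded with parsers that cannot execute code (assumed set).
SAFE_DECODERS = {
    "json": lambda b: json.loads(b.decode("utf-8")),
    "txt": lambda b: b.decode("utf-8"),
    "cls": lambda b: int(b.decode("utf-8").strip()),
}


class UnsafeEntryError(ValueError):
    """Raised when an archive entry would require a code-executing decoder."""


def split_name(name):
    """Split a WebDataset member name into (sample key, lowercase extension).
    'shard/000001.json' -> ('shard/000001', 'json'); no dot -> ('name', '')."""
    base, dot, ext = name.rpartition(".")
    if not dot:
        return name, ""
    return base, ext.lower()


def safe_decode(name, data):
    """Decode one archive entry by extension, refusing pickle/torch formats.
    Unknown extensions are returned as raw bytes rather than deserialized."""
    _, ext = split_name(name)
    if ext in UNSAFE_EXTENSIONS:
        raise UnsafeEntryError(
            f"refusing to deserialize {name!r}: .{ext} is a code-executing format"
        )
    decoder = SAFE_DECODERS.get(ext)
    if decoder is None:
        return data
    return decoder(data)


def audit_archive(tar_bytes):
    """Return names of regular-file entries that an extension-dispatching
    pickle/torch reader would deserialize. A non-empty result means the
    archive must not be fed to a reader that still has that code path."""
    flagged = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar.getmembers():
            if member.isfile() and split_name(member.name)[1] in UNSAFE_EXTENSIONS:
                flagged.append(member.name)
    return flagged


def read_samples(tar_bytes):
    """Group entries by sample key and decode each with safe_decode().
    Mirrors the shape of a WebDataset reader minus the unsafe loaders."""
    samples = {}
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            key, ext = split_name(member.name)
            data = tar.extractfile(member).read()
            samples.setdefault(key, {})[ext] = safe_decode(member.name, data)
    return samples


def build_sample_archive(include_pickle=True):
    """Constructed fixture: a tar with one JSON/text sample and, optionally,
    a benign .pkl entry (a pickled dict, nothing malicious) so the rejection
    path can be exercised offline."""
    entries = [
        ("000001.json", json.dumps({"label": "cat"}).encode("utf-8")),
        ("000001.txt", b"a photo of a cat"),
    ]
    if include_pickle:
        entries.append(("000002.pkl", pickle.dumps({"label": "dog"})))
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, payload in entries:
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


if __name__ == "__main__":
    archive = build_sample_archive()
    print("entries a pickle/torch-loading reader would deserialize:", audit_archive(archive))
    try:
        read_samples(archive)
    except UnsafeEntryError as exc:
        print("hardened reader rejected the archive:", exc)
    print("clean archive decodes to:", read_samples(build_sample_archive(include_pickle=False)))
```

Running audit_archive() before a dataset reaches a Ray version older than 2.56.0 gives operators a cheap gate: any flagged entry is a reason to quarantine the shard. The hardened reader fails closed by raising on the first unsafe entry rather than silently skipping it, so a poisoned shard cannot partially load and go unnoticed.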

Affected Version(s)

Ray 0

References

CVSS V4

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

jeremysommerfeld8910-cpu
shakevsky
alexchenai
SSJCorpSec
thesecguy45
sfwani
Rahul Karne