Vulnerability details: VCID-p5j5-4rvx-93ax
Vulnerability ID VCID-p5j5-4rvx-93ax
Aliases CVE-2026-41486
GHSA-mw35-8rx3-xf9r
Summary Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types (ray.data.arrow_tensor, ray.data.arrow_tensor_v2, ray.data.arrow_variable_shaped_tensor) globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls __arrow_ext_deserialize__ on the field's metadata bytes. Ray's implementation passes these bytes directly to cloudpickle.loads(), achieving arbitrary code execution during schema parsing, before any row data is read. This issue has been patched in version 2.55.0.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
epss 0.00045 https://api.first.org/data/v1/epss?cve=CVE-2026-41486
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-mw35-8rx3-xf9r
cvssv4 8.9 https://github.com/ray-project/ray
generic_textual HIGH https://github.com/ray-project/ray
cvssv4 8.9 https://github.com/ray-project/ray/commit/c02bd31ae31996805868baa446a131a8d304525f
generic_textual HIGH https://github.com/ray-project/ray/commit/c02bd31ae31996805868baa446a131a8d304525f
ssvc Track https://github.com/ray-project/ray/commit/c02bd31ae31996805868baa446a131a8d304525f
cvssv4 8.9 https://github.com/ray-project/ray/pull/54831
generic_textual HIGH https://github.com/ray-project/ray/pull/54831
cvssv4 8.9 https://github.com/ray-project/ray/pull/62056
generic_textual HIGH https://github.com/ray-project/ray/pull/62056
ssvc Track https://github.com/ray-project/ray/pull/62056
cvssv4 8.9 https://github.com/ray-project/ray/releases/tag/ray-2.55.0
generic_textual HIGH https://github.com/ray-project/ray/releases/tag/ray-2.55.0
ssvc Track https://github.com/ray-project/ray/releases/tag/ray-2.55.0
cvssv3.1_qr HIGH https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
cvssv4 8.9 https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
generic_textual HIGH https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
ssvc Track https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
cvssv4 8.9 https://nvd.nist.gov/vuln/detail/CVE-2026-41486
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2026-41486
No exploits are available.
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://github.com/ray-project/ray
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://github.com/ray-project/ray/commit/c02bd31ae31996805868baa446a131a8d304525f
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-12T02:07:47Z/ Found at https://github.com/ray-project/ray/commit/c02bd31ae31996805868baa446a131a8d304525f
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://github.com/ray-project/ray/pull/54831
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://github.com/ray-project/ray/pull/62056
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-12T02:07:47Z/ Found at https://github.com/ray-project/ray/pull/62056
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://github.com/ray-project/ray/releases/tag/ray-2.55.0
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-12T02:07:47Z/ Found at https://github.com/ray-project/ray/releases/tag/ray-2.55.0
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-12T02:07:47Z/ Found at https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H Found at https://nvd.nist.gov/vuln/detail/CVE-2026-41486
Exploit Prediction Scoring System (EPSS)
Percentile 0.14198
EPSS Score 0.00045
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T16:51:20.076087+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2026/41xxx/CVE-2026-41486.json 38.6.0