CVE 9.3 CRITICAL

KTransformers Unsafe Deserialization RCE via balance_serve_CVE-2026-26210

April 23, 2026 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads() without validation. Attackers can send a crafted pickle payload to the exposed ZMQ socket to execute arbitrary code on the server with the privileges of the ktransformers process.

AI Analysis

KTransformers contains an unsafe deserialization vulnerability in the balance_serve backend mode, allowing attackers to execute arbitrary code on the server with the privileges of the ktransformers process.

Basic Information

ID CVE-2026-26210

Source VulnCheck

Published Apr 23, 2026 at 21:24

Affected Product

Vendor kvcache-ai

Product ktransformers

Affected Versions kvcache-ai ktransformers 0

CWE Classification

CWE-502

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor kvcache-ai

Product ktransformers

Version 0.5.3 and below

References

{
    "lastseen": "",
    "description": "KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads() without validation. Attackers can send a crafted pickle payload to the exposed ZMQ socket to execute arbitrary code on the server with the privileges of the ktransformers process.",
    "published": "2026-04-23T21:24:48.641Z",
    "modified": "2026-04-23T21:24:48.641Z",
    "type": "cve",
    "title": "KTransformers Unsafe Deserialization RCE via balance_serve",
    "source": "VulnCheck",
    "references": "https://chocapikk.com/posts/2026/ktransformers-pickle-rce/\nhttps://github.com/kvcache-ai/ktransformers/pull/1944\nhttps://www.vulncheck.com/advisories/ktransformers-unsafe-deserialization-rce-via-balance-serve",
    "id": "CVE-2026-26210",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502"
    ],
    "cvelist": null,
    "sourceData": "kvcache-ai ktransformers 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ktransformers",
    "version": "0",
    "vendor": "kvcache-ai",
    "ai_description": "KTransformers contains an unsafe deserialization vulnerability in the balance_serve backend mode, allowing attackers to execute arbitrary code on the server with the privileges of the ktransformers process.",
    "ai_severity": "Critical",
    "ai_vendor": "kvcache-ai",
    "ai_product": "ktransformers",
    "ai_version": "0.5.3 and below",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply