CVE 9.8 CRITICAL

CVE-2026-31220_CVE-2026-31220

May 15, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

PySyft (Syft Datasite/Server) versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions (via @sy.syft_function()) for remote execution on the server. While a code approval mechanism exists, the submitted code undergoes no security checks for dangerous operations (e.g., file access, command execution). Once approved, the code is executed within the server process using exec() and eval() functions without proper isolation. A remote attacker can leverage this to execute arbitrary Python code on the server, leading to complete compromise of the server environment.

AI Analysis

Remote code execution vulnerability in PySyft due to insufficient validation and sandboxing of user-submitted code

Basic Information

ID CVE-2026-31220

Source mitre

Published May 12, 2026 at 00:00

Modified May 15, 2026 at 18:05

Affected Product

Vendor OpenMined

Product PySyft

Version 0.9.5 and earlier

Affected Versions n/a n/a n/a

CWE Classification

CWE-94

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor OpenMined

Product PySyft

Version 0.9.5 and earlier

References

{
    "lastseen": "",
    "description": "PySyft (Syft Datasite/Server) versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions (via @sy.syft_function()) for remote execution on the server. While a code approval mechanism exists, the submitted code undergoes no security checks for dangerous operations (e.g., file access, command execution). Once approved, the code is executed within the server process using exec() and eval() functions without proper isolation. A remote attacker can leverage this to execute arbitrary Python code on the server, leading to complete compromise of the server environment.",
    "published": "2026-05-12T00:00:00.000Z",
    "modified": "2026-05-15T18:05:42.663Z",
    "type": "cve",
    "title": "CVE-2026-31220",
    "source": "mitre",
    "references": "https://github.com/OpenMined/PySyft\nhttps://www.notion.so/CVE-2026-31220-35d1e1393188814186b9e00114a8aba7",
    "id": "CVE-2026-31220",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PySyft",
    "version": "0.9.5 and earlier",
    "vendor": "OpenMined",
    "ai_description": "Remote code execution vulnerability in PySyft due to insufficient validation and sandboxing of user-submitted code",
    "ai_severity": "Critical",
    "ai_vendor": "OpenMined",
    "ai_product": "PySyft",
    "ai_version": "0.9.5 and earlier",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply