CVE-2026-26210
CriticalSummary
KTransformers versions up to 0.5.3 contain an unsafe deserialization vulnerability in the balance_serve backend mode. The scheduler RPC server binds a ZMQ ROUTER socket to all interfaces without authentication and deserializes incoming messages using pickle.loads() without validation.
Risk Assessment
Attackers can send a crafted pickle payload to the exposed ZMQ socket, allowing arbitrary code execution on the server with the privileges of the ktransformers process. This poses a significant security risk to the system.
Recommendation
It is recommended to update KTransformers to a version that fixes this vulnerability and to implement appropriate authentication mechanisms and validation of incoming data.
Original NVD description (English source)
KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads() without validation. Attackers can send a crafted pickle payload to the exposed ZMQ socket to execute arbitrary code on the server with the privileges of the ktransformers process.

