Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization — CVE-2026-41486
GitHub · GitHub · CVE-2026-41486
ID
CVE-2026-41486
CVE-2026-41486
Date
Updated
Activity
Source
GitHub
GitHub
Vendor
GitHub
GitHub
Threat
high
high
CVSS
8.9
8.9
EPSS
0.00083
0.00083
Summary
Ray Data registers custom Arrow extension types (`ray.data.arrow_tensor`, `ray.data.arrow_tensor_v2`, `ray.data.arrow_variable_shaped_tensor`) globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls `__arrow_ext_deserialize__` on the field's metadata bytes. Ray's implementation passes these bytes directly to `cloudpickle.loads()`, achieving arbitrary code execution…
Product
pip: ray
What to do
General, cautious steps (verify details in the official source):
- Prioritize patching or mitigation immediately (treat as actively risky).
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.