PYSEC-2026-354

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/horovod/PYSEC-2026-354.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-354
Aliases
Published
2026-06-29T11:50:49.177992Z
Modified
2026-07-01T20:22:54.309521Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Horovod contains an insecure deserialization vulnerability in its KVStore HTTP server component
Details

Horovod thru 0.28.1 contains an insecure deserialization vulnerability (CWE-502) in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT requests. When a Horovod worker reads data from the KVStore (via HTTP GET), it deserializes the data using cloudpickle.loads() without verifying its source or integrity. An attacker can exploit this by sending a malicious pickle payload to the server before the legitimate data is written, causing the victim worker to deserialize and execute arbitrary code, leading to remote code execution.

References

Affected packages

PyPI / horovod

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
0.28.1

Affected versions

0.*
0.9.0
0.9.1
0.9.2
0.9.3
0.9.4
0.9.5
0.9.6
0.9.7
0.9.8
0.9.9
0.9.10
0.9.11
0.9.12
0.10.0
0.10.1
0.10.2
0.11.0
0.11.1
0.11.2
0.11.3
0.12.0
0.12.1
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.13.10
0.13.11
0.14.0
0.14.1
0.15.0
0.15.1
0.15.2
0.16.0
0.16.1
0.16.2
0.16.3
0.16.4
0.18.0
0.18.1
0.18.2
0.19.0
0.19.1
0.19.2
0.19.3
0.19.4
0.19.5
0.20.0
0.20.1
0.20.2
0.20.3
0.21.0
0.21.1
0.21.2
0.21.3
0.22.0
0.22.1
0.23.0
0.24.0
0.24.1
0.24.2
0.24.3
0.25.0
0.26.0
0.26.1
0.27.0
0.28.0
0.28.1

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/horovod/PYSEC-2026-354.yaml"