PYSEC-2026-355

Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/horovod/PYSEC-2026-355.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-355
Aliases
Published
2026-06-29T11:50:35.347691Z
Modified
2026-07-01T20:22:54.318849Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Horovod Vulnerable to Command Injection
Details

Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the ElasticRendezvousHandler, a subclass of KVStoreHandler. Specifically, the _put_value method in ElasticRendezvousHandler calls codec.loads_base64(value), which eventually invokes cloudpickle.loads(decoded). This allows an attacker to send a malicious pickle object via a PUT request, leading to arbitrary code execution on the server.
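The defensive counterpart to the flawed path above, as an added example that is not Horovod's own code: a value arriving over PUT is base64-decoded, scanned for pickle opcodes that can resolve or call an importable object, and then loaded with an Unpickler whose find_class refuses every global. Rendezvous state in Horovod is plain data, so a legitimate value passes both layers; anything that would reach cloudpickle's code-execution path is rejected before it runs. The sample values are constructed here.

```python
import base64
import io
import pickle
import pickletools

# Opcodes that let a pickle reach into the importing process (look up a
# module attribute, call it, or build an object from it). Pickles of plain
# data (dict/list/str/int/bytes) never need them.
DANGEROUS_OPCODES = {
    "GLOBAL", "STACK_GLOBAL", "REDUCE", "BUILD",
    "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX",
}


class DataOnlyUnpickler(pickle.Unpickler):
    """Second layer: refuse every global lookup, so no class or callable resolves."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def scan_pickle(data: bytes) -> set:
    """Return the dangerous opcode names present, without executing the pickle."""
    return {op.name for op, _arg, _pos in pickletools.genops(data)
            if op.name in DANGEROUS_OPCODES}


def safe_loads_base64(value: str):
    """Hardened replacement for a loads_base64 that feeds untrusted input to pickle."""
    decoded = base64.b64decode(value, validate=True)
    hits = scan_pickle(decoded)
    if hits:
        raise pickle.UnpicklingError(f"rejected pickle using {sorted(hits)}")
    return DataOnlyUnpickler(io.BytesIO(decoded)).load()


def is_rejected(value: str) -> bool:
    """True if the value is refused (bad base64, malformed pickle, or global use)."""
    try:
        safe_loads_base64(value)
    except (pickle.UnpicklingError, ValueError):
        return True
    return False


# Constructed samples: plain rendezvous-style data, and a pickle that must
# resolve a global (collections.OrderedDict) to deserialise.
SAFE_VALUE = base64.b64encode(pickle.dumps({"rank": 3, "hosts": ["a", "b"]})).decode()
import collections  # noqa: E402  (kept next to the sample it builds)
GLOBAL_VALUE = base64.b64encode(pickle.dumps(collections.OrderedDict(a=1))).decode()
```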

References

Affected packages

PyPI / horovod

Package

Affected ranges

Type: ECOSYSTEM
Events
Introduced: 0 (unknown introduced version; all previous versions are affected)
Last affected: 0.28.1

Affected versions

0.*
0.9.0
0.9.1
0.9.2
0.9.3
0.9.4
0.9.5
0.9.6
0.9.7
0.9.8
0.9.9
0.9.10
0.9.11
0.9.12
0.10.0
0.10.1
0.10.2
0.11.0
0.11.1
0.11.2
0.11.3
0.12.0
0.12.1
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.13.10
0.13.11
0.14.0
0.14.1
0.15.0
0.15.1
0.15.2
0.16.0
0.16.1
0.16.2
0.16.3
0.16.4
0.18.0
0.18.1
0.18.2
0.19.0
0.19.1
0.19.2
0.19.3
0.19.4
0.19.5
0.20.0
0.20.1
0.20.2
0.20.3
0.21.0
0.21.1
0.21.2
0.21.3
0.22.0
0.22.1
0.23.0
0.24.0
0.24.1
0.24.2
0.24.3
0.25.0
0.26.0
0.26.1
0.27.0
0.28.0
0.28.1

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/horovod/PYSEC-2026-355.yaml"