PYSEC-2026-511

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/qiskit-terra/PYSEC-2026-511.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-511
Aliases
Published
2026-06-29T11:50:34.706122Z
Modified
2026-07-01T20:23:03.448348Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Qiskit allows arbitrary code execution decoding QPY format versions < 13
Details

Impact

A maliciously crafted QPY file can potentially execute arbitrary-code embedded in the payload without privilege escalation when deserializing QPY formats < 13. A python process calling Qiskit's qiskit.qpy.load() function could potentially execute any arbitrary Python code embedded in the correct place in the binary file as part of a specially constructed payload.

Patches

Fixed in Qiskit 1.4.2 and in Qiskit 2.0.0rc2

References

Affected packages

PyPI / qiskit-terra

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0.18.0
Last affected
0.46.3

Affected versions

0.*
0.18.0
0.18.1
0.18.2
0.18.3
0.19.0
0.19.1
0.19.2
0.20.0
0.20.1
0.20.2
0.21.0rc1
0.21.0
0.21.1
0.21.2
0.22.0rc1
0.22.0
0.22.1
0.22.2
0.22.3
0.22.4
0.23.0rc1
0.23.0
0.23.1
0.23.2
0.23.3
0.24.0rc1
0.24.0
0.24.1
0.24.2
0.25.0rc1
0.25.0
0.25.1
0.25.2
0.25.2.1
0.25.3
0.45.0rc1
0.45.0
0.45.1
0.45.2
0.45.3
0.46.0
0.46.1
0.46.2
0.46.3

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/qiskit-terra/PYSEC-2026-511.yaml"