CVE-2026-41486

HIGH SEVERITY

Vulnerability Description

Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types (ray.data.arrow_tensor, ray.data.arrow_tensor_v2, ray.data.arrow_variable_shaped_tensor) globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls __arrow_ext_deserialize__ on the field's metadata bytes. Ray's implementation passes these bytes directly to cloudpickle.loads(), achieving arbitrary code execution during schema parsing, before any row data is read. This issue has been patched in version 2.55.0.

Vulnerability Details

Published Date

April 24, 2026

Last Modified

May 13, 2026

CWE ID

CWE-94

Source

GitHub

Vendor

pip

Product

ray

External References

https://github.com/ray-project/ray/security/advisories/GHSA-mw35-8rx3-xf9r
https://github.com/advisories/GHSA-mw35-8rx3-xf9r

CVE-2026-41486

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment