External risk intelligence

Attacker can take full control of servers through PySyft code execution flaw

CVE advisorySeverity: CRITICAL (CVSS 9.8)

CVE-2026-31220

An external attacker can exploit the PySyft platform by submitting malicious code to gain complete control over the server. This flaw creates a severe risk, enabling unauthorized access to sensitive data and a full compromise of the hosting environment.

3Halo Surface Signal

Code Injection

External exposure likelihood

Halo Surface Signal score for CVE-2026-31220

PySyft is a collaborative platform for data science and federated learning. The vulnerability requires existing user credentials and an approval workflow to execute code, suggesting typical deployments occur within authorized research or enterprise environments rather than as public-facing internet services, though internet reachability remains plausible in some configurations.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Horizon Alert

Summary of the vulnerability and why it matters

An issue in PySyft allows remote code execution when insufficient validation and sandboxing are applied to user-submitted code. This means someone could send code that runs on the server, potentially compromising it.

  • Allows arbitrary code execution.
  • Impacts data science platforms.
  • Remote attackers can gain control.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this vulnerability by submitting malicious Python code disguised as a legitimate function through the PySyft interface. Once this code is approved and executed by the server, the attacker gains the ability to run arbitrary commands, potentially leading to full server compromise.

  • Requires user credentials.
  • Targets user-submitted code execution.
  • Code execution lacks sandboxing.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability allows remote code execution, and while it requires initial user access and an approval mechanism, attackers can achieve significant server compromise. The lack of sandboxing and direct use of `exec()` and `eval()` on user-submitted code presents a direct pathway for exploitation once approval is bypassed or leveraged.

  • No KEV listing.
  • Public exploit code is not yet observed.
  • Vulnerability published recently.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Focus on identifying and blocking unauthorized remote code execution attempts targeting PySyft, given the critical remote code execution vulnerability. Inventory all PySyft deployments to assess exposure and prioritize immediate containment for any services exposed to untrusted networks.

  • Block untrusted network access to PySyft.
  • Isolate affected PySyft instances.
  • Monitor for suspicious PySyft activity.

Frequently asked questions

What is CVE-2026-31220 and which software does it affect?

CVE-2026-31220 is a critical vulnerability affecting PySyft versions 0.9.5 and earlier. This vulnerability allows for remote code execution due to insufficient validation and sandboxing of user-submitted code within the PySyft system.

How does the PySyft vulnerability lead to remote code execution?

The vulnerability, classified as CWE-94, stems from PySyft's failure to properly validate and sandbox user-submitted Python functions. Although an approval mechanism exists, submitted code isn't checked for dangerous operations, and is then executed using `exec()` and `eval()` without adequate isolation, enabling arbitrary code execution on the server.

What is the trigger path for this vulnerability, and what is its scope?

The trigger path involves a remote attacker submitting malicious Python code disguised as a function via the PySyft interface. Once this code is approved, it's executed directly on the server, potentially leading to a complete compromise of the server environment. The scope is limited by the requirement for user credentials and an existing approval workflow, but once executed, the impact is on the server itself.

What is the relevance of CVE-2026-31220, considering it's a remote code execution flaw in PySyft?

The relevance of CVE-2026-31220 lies in its critical remote code execution (RCE) capability, allowing attackers to take full control of affected servers. While it is not listed in the Known Exploited Vulnerabilities (KEV) catalog and public exploit code has not yet been observed, its recent publication and inherent RCE potential make it a significant threat. The Halo Surface Signal indicates a 'Possible' threat level, acknowledging that while typical deployments might be within trusted environments, internet...

What practical steps should be taken to respond to this PySyft vulnerability?

Organizations should immediately identify and block any unauthorized remote code execution attempts targeting PySyft. It is crucial to inventory all PySyft deployments to understand the exposure and prioritize containment for any services accessible from untrusted networks. Isolating affected PySyft instances and diligently monitoring for suspicious activity are key mitigation strategies.

References

Sources and related resources

Primary sources: NVD, CVE.org.

NVDPublished Modified