Cyber Resilience

CVE-2026-0773

Critical RCE

Published: 23 January 2026

Modified: 15 April 2026
KEV Added:
Patch:
CVSS Score v3: 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0115 (62.6th percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-0773 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability. The affected asset is listed as Zerodayinitiative, a label inferred from references; the vulnerability description names Upsonic as the affected product. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 37.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

This vulnerability is a remote code execution flaw in Upsonic caused by unsafe deserialization of untrusted data via the Cloudpickle library. It affects the add_tool endpoint, which listens on TCP port 7541 by default: user-supplied input is not validated before it is deserialized. The issue is tracked as ZDI-CAN-26845 and carries a CVSS score of 9.8 with CWE-502.

Unauthenticated remote attackers can send crafted data to the exposed endpoint and achieve arbitrary code execution in the context of the service account. No authentication or user interaction is required, enabling straightforward network-based exploitation against any reachable installation.

The Zero Day Initiative advisory ZDI-26-042 addresses the issue and is the primary public reference for further details on affected versions and remediation steps. The associated EPSS score remains low with only minor fluctuation between its current value of 0.0096 and recorded peak of 0.0165.

Vulnerability details

Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the add_tool endpoint, which listens on TCP port 7541 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26845.

CVEs Like This One

CVE-2025-62368 (shared CWE-502)
CVE-2025-68903 (shared CWE-502)
CVE-2024-57764 (shared CWE-502)
CVE-2025-67911 (shared CWE-502)
CVE-2025-54014 (shared CWE-502)
CVE-2025-50460 (shared CWE-502)
CVE-2026-22505 (shared CWE-502)
CVE-2025-53078 (shared CWE-502)
CVE-2026-43633 (shared CWE-502)
CVE-2025-60039 (shared CWE-502)

Affected Assets

Zerodayinitiative
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly requires validation of all input to the add_tool endpoint before Cloudpickle deserialization, blocking the untrusted-data path that enables unauthenticated RCE.

Prevent: Enforces access-control policy on the TCP 7541 endpoint so that unauthenticated remote actors cannot reach the deserialization routine at all.

Prevent: Boundary-protection mechanisms can restrict or deny external traffic to the exposed add_tool listener, limiting the network attack surface described in the CVE.
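
The input-validation control above can be illustrated with a pre-deserialization gate for pickle-format data. This is an added example, not Upsonic's code or its fix: the names flagged_opcodes, DataOnlyUnpickler and load_data_only are hypothetical, and the sample payloads are constructed and harmless.

```python
import io
import pickle
import pickletools

# Opcodes that import a name or call a constructor/callable while loading.
CODE_CAPABLE = {
    "GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX",
    "REDUCE", "BUILD", "EXT1", "EXT2", "EXT4", "PERSID", "BINPERSID",
}


def flagged_opcodes(blob):
    """List code-capable opcodes in a pickle stream without executing it."""
    found = []
    try:
        for opcode, _arg, _pos in pickletools.genops(blob):
            if opcode.name in CODE_CAPABLE:
                found.append(opcode.name)
    except Exception:
        # Truncated or unknown opcodes: treat as hostile, never as "clean".
        found.append("MALFORMED")
    return found


class DataOnlyUnpickler(pickle.Unpickler):
    """Second layer: refuse every import even if the scan were bypassed."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"import of {module}.{name} refused")


def load_data_only(blob):
    """Deserialize only streams made of plain containers and scalars."""
    hits = flagged_opcodes(blob)
    if hits:
        raise ValueError(f"rejected before deserialization: {sorted(set(hits))}")
    return DataOnlyUnpickler(io.BytesIO(blob)).load()


if __name__ == "__main__":
    # Constructed samples: a plain-data request and a harmless function reference.
    plain = pickle.dumps({"name": "demo", "args": [1, 2]}, protocol=4)
    by_ref = pickle.dumps(len, protocol=4)
    print(load_data_only(plain))
    print(flagged_opcodes(by_ref))
```

A function serialized with Cloudpickle always contains these opcodes, so it can never pass a gate like this; an endpoint that must accept such payloads has to rely on the access-enforcement and boundary-protection controls instead.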

References