CVE-2026-0773
Published: 23 January 2026
Summary
CVE-2026-0773 is a critical-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Zerodayinitiative (inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, it is ranked in the top 37.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
This vulnerability is a remote code execution flaw in Upsonic stemming from unsafe deserialization of untrusted data via the Cloudpickle library. It affects the add_tool endpoint, which listens on TCP port 7541 by default, and stems from missing validation of user-supplied input that is subsequently deserialized. The issue is tracked as ZDI-CAN-26845 and carries a CVSS score of 9.8 with CWE-502.
Unauthenticated remote attackers can send crafted data to the exposed endpoint and achieve arbitrary code execution in the context of the service account. No authentication or user interaction is required, enabling straightforward network-based exploitation against any reachable installation.
The Zero Day Initiative advisory ZDI-26-042 addresses the issue and is the primary public reference for further details on affected versions and remediation steps. The associated EPSS score remains low with only minor fluctuation between its current value of 0.0096 and recorded peak of 0.0165.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-4472
Vulnerability details
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the add_tool endpoint, which listens on TCP port 7541 by default. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26845.
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of all input to the add_tool endpoint before Cloudpickle deserialization, blocking the untrusted-data path that enables unauthenticated RCE.
Enforces access-control policy on the TCP 7541 endpoint so that unauthenticated remote actors cannot reach the deserialization routine at all.
Boundary-protection mechanisms can restrict or deny external traffic to the exposed add_tool listener, limiting the network attack surface described in the CVE.
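One way to apply the input-validation and access-enforcement controls above, shown as an added example (not Upsonic's code or its fix): a hypothetical receiver deserializes a frame only if it carries a valid HMAC-SHA256 tag from a pre-shared key, and even then resolves only allowlisted globals. The frame layout, key, allowlist and function names are assumptions; stdlib `pickle` stands in for Cloudpickle, whose output is a standard pickle stream.

```python
import hashlib
import hmac
import io
import pickle

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag precedes the blob
# Assumption: the only globals a legitimate payload is allowed to reference.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class RejectedPayload(Exception):
    """Frame failed authentication or referenced a global outside the allowlist."""


class AllowlistUnpickler(pickle.Unpickler):
    # find_class is called for every global the stream asks the loader to import.
    def find_class(self, module, name):
        if (module, name) not in ALLOWED_GLOBALS:
            raise RejectedPayload(f"global {module}.{name} is not allowlisted")
        return super().find_class(module, name)


def seal(key: bytes, obj) -> bytes:
    """Trusted-client side: serialize, then prepend the tag over the serialized bytes."""
    blob = pickle.dumps(obj, protocol=4)
    return hmac.new(key, blob, hashlib.sha256).digest() + blob


def open_sealed(key: bytes, frame: bytes):
    """Server side: authenticate the raw bytes first, deserialize only afterwards."""
    if len(frame) <= TAG_LEN:
        raise RejectedPayload("frame too short to carry a tag")
    tag, blob = frame[:TAG_LEN], frame[TAG_LEN:]
    expected = hmac.new(key, blob, hashlib.sha256).digest()
    # Constant-time comparison; on mismatch the unpickler is never constructed.
    if not hmac.compare_digest(tag, expected):
        raise RejectedPayload("bad HMAC tag; payload not deserialized")
    return AllowlistUnpickler(io.BytesIO(blob)).load()


if __name__ == "__main__":
    key = b"constructed-demo-key-not-a-real-secret"  # constructed sample value
    frame = seal(key, {"tool": "search", "timeout": 5})  # constructed sample input
    print(open_sealed(key, frame))
```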