CVE-2026-2970
Published: 23 February 2026
Summary
CVE-2026-2970 is a low-severity Improper Input Validation (CWE-20) vulnerability in Datapizza Datapizza Ai. Its CVSS base score is 2.1 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210); ranked at the 10.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as Data Processing Libraries; in the Data-Related Vulnerabilities risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SC-7 (Boundary Protection).
Deeper analysis
CVE-2026-2970 is a deserialization vulnerability in the RedisCache function within the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py of the datapizza-labs datapizza-ai version 0.0.2. The issue falls under CWE-20 (Improper Input Validation) and CWE-502 (Deserialization of Untrusted Data), with a CVSS v3.1 base score of 4.6 (AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L). It was published on 2026-02-23.
An adjacent network attacker (AV:A) with low privileges (PR:L) can exploit this vulnerability despite its high attack complexity (AC:H) and no requirement for user interaction (UI:N). Successful exploitation enables limited impacts on confidentiality, integrity, and availability (C:L/I:L/A:L) within the unchanged scope (S:U), potentially allowing unauthorized data manipulation or minor disruptions through crafted deserialization payloads.
Advisories, including those on VulDB and a GitHub disclosure by hacktivesec, detail the vulnerability and provide a proof-of-concept exploit. The vendor was contacted early but has not responded or issued any patches or mitigations.
The exploit has been publicly disclosed and may be usable, though exploitation is considered difficult due to its complexity and network proximity requirements. No real-world exploitation in the wild has been reported.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-7586
Vulnerability details
A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high complexity level is associated…
more
with this attack. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- CWE(s)
AI Security AnalysisAI
- AI Category
- Data Processing Libraries
- Risk Domain
- Data-Related Vulnerabilities
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: ai
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Deserialization of untrusted data (CWE-502) in Redis cache component directly enables exploitation of the remote service; crafted payloads can lead to Python code execution or data manipulation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires validation of all inputs before deserialization in RedisCache, blocking the crafted payloads that trigger CWE-502.
Enforces integrity checks on cached objects and code paths, detecting or rejecting malicious serialized data before it is loaded.
Restricts adjacent-network access to the Redis cache component, raising the bar for the AV:A attack vector described in the CVE.