Cyber Resilience

CVE-2026-35464

HighPublic PoCRCE

Published: 07 April 2026

Published
07 April 2026
Modified
23 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0008 22.8th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-35464 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Pyload Pyload. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 22.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-5 (Access Restrictions for Change).

Deeper analysis

CVE-2026-35464 is a vulnerability in pyLoad, a free and open-source download manager written in Python. It arises from an incomplete fix for CVE-2026-33509, which introduced an ADMIN_ONLY_OPTIONS set to restrict non-admin users from modifying security-critical configuration options. The storage_folder option is excluded from this set and bypasses path restrictions because the Flask session directory lies outside both PKGDIR and userdir. This allows non-admin users to redirect downloads to the session store and plant a malicious pickle payload as a predictable session file, enabling arbitrary code execution upon deserialization (CWE-502: Deserialization of Untrusted Data; CWE-863: Incorrect Authorization). The CVSS 3.1 base score is 7.5 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).

A low-privilege user with SETTINGS and ADD permissions can exploit this vulnerability over the network. By modifying the storage_folder option, the attacker redirects downloads to the Flask filesystem session store, uploads a malicious pickle payload disguised as a predictable session file, and triggers remote code execution when any HTTP request arrives bearing the corresponding session cookie. This grants high-impact confidentiality, integrity, and availability effects, executing arbitrary code with the privileges of the pyLoad process.

The issue is addressed in commit c4cf995a2803bdbe388addfc2b0f323277efc0e1, which security practitioners should apply by updating pyLoad. GitHub Security Advisories GHSA-4744-96p5-mp2j and GHSA-r7mc-x6x7-cqxx provide further details on the vulnerability and its relation to CVE-2026-33509.

EU & UK References

Vulnerability details

pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMIN_ONLY_OPTIONS set to block non-admin users from modifying security-critical config options. The storage_folder option is not in this set and passes the existing…

more

path restriction because the Flask session directory is outside both PKGDIR and userdir. A user with SETTINGS and ADD permissions can redirect downloads to the Flask filesystem session store, plant a malicious pickle payload as a predictable session file, and trigger arbitrary code execution when any HTTP request arrives with the corresponding session cookie. This vulnerability is fixed with commit c4cf995a2803bdbe388addfc2b0f323277efc0e1.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.006 Python Execution
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

Vulnerability in public-facing pyLoad web app enables network exploitation for RCE via malicious Python pickle deserialization after low-priv config manipulation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-41133Same product: Pyload Pyload
CVE-2026-33511Same product: Pyload Pyload
CVE-2026-33509Same product: Pyload Pyload
CVE-2026-32808Same product: Pyload Pyload
CVE-2026-26220Shared CWE-502
CVE-2026-31234Shared CWE-502
CVE-2026-31072Shared CWE-502
CVE-2025-27780Shared CWE-502
CVE-2025-50460Shared CWE-502
CVE-2024-9701Shared CWE-502

Affected Assets

pyload
pyload
≤ 2026-04-02

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Restricts non-admin users from modifying critical configuration settings like storage_folder, directly preventing the redirection of downloads to the Flask session directory.

prevent

Enforces least privilege by ensuring low-privilege users lack SETTINGS and ADD permissions needed to exploit the configuration bypass.

prevent

Requires timely remediation of the specific flaw through patching the commit that adds storage_folder to ADMIN_ONLY_OPTIONS, eliminating the vulnerability.

References