PT-2026-34754 · Kvcache Ai · Transformers

Valentin Lobstein · Published 2026-04-23 · Updated 2026-05-11 · CVE-2026-26210

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

KTransformers versions prior to 0.5.4

Description

In the balance serve backend mode, the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces without authentication. The server uses the pickle.loads() function to deserialize incoming messages without proper validation. This allows an attacker to send a specially crafted pickle payload to the exposed ZMQ socket, leading to arbitrary code execution on the server with the privileges of the ktransformers process.

Recommendations

Update to a version newer than 0.5.3. As a temporary mitigation, restrict access to the ZMQ socket or avoid using the balance serve backend mode until the update is applied.
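
A defensive sketch of the two checks the description points at, added here as an example and not taken from KTransformers or its fix: a configuration check that flags a ZMQ tcp:// endpoint listening on all interfaces, and a decoder that refuses any pickle frame referencing a global (the "restricting globals" pattern from the Python pickle documentation). All function names, the message shape and the size limit are assumptions.

```python
import io
import pickle

# Hosts that make a ZMQ tcp:// endpoint listen on every interface.
WILDCARD_HOSTS = {"*", "0.0.0.0", "::", "[::]"}


def is_wildcard_bind(endpoint: str) -> bool:
    """Return True if a ZMQ endpoint string binds TCP on all interfaces."""
    scheme, _, rest = endpoint.partition("://")
    if scheme != "tcp":
        return False
    host = rest.rpartition(":")[0]
    return host in WILDCARD_HOSTS


class NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that rejects every global lookup.

    Only built-in scalars and containers (dict, list, str, int, bytes, ...)
    can be reconstructed; any frame that names a class or function fails
    before that object is resolved.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def safe_loads(frame: bytes, max_len: int = 1 << 20):
    """Deserialize a frame with the restricted unpickler (size cap is assumed)."""
    if len(frame) > max_len:
        raise ValueError("frame too large")
    return NoGlobalsUnpickler(io.BytesIO(frame)).load()


def decode_request(frame: bytes) -> dict:
    """Decode one RPC frame; the {'method': str, ...} shape is hypothetical."""
    msg = safe_loads(frame)
    if not isinstance(msg, dict) or not isinstance(msg.get("method"), str):
        raise ValueError("malformed request")
    return msg
```

Where the protocol allows it, a data-only format such as JSON removes the deserialization risk outright; the restricted unpickler is a fallback for code that must keep the pickle wire format.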

Exploit

Fix

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers: CVE-2026-26210

Affected Products: Transformers