PT-2026-8395 · Lightllm · Lightllm

Valentin Lobstein · Published 2026-02-17 · Updated 2026-02-23 · CVE-2026-26220

CVSS v4.0: 9.3 (Critical)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: LightLLM versions prior to 1.2.0

Description: LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution issue in PD (prefill-decode) disaggregation mode. The PD master node exposes WebSocket endpoints that receive binary frames and pass the data directly to pickle.loads() without authentication or validation. A remote attacker who can reach the PD master can send a crafted payload to achieve arbitrary code execution. Because pickle.loads() reconstructs arbitrary Python objects from the data it is given, deserializing untrusted frames this way, with no security checks, lets an attacker-controlled payload execute code on the node.

Recommendations: Versions prior to 1.2.0 should be updated.
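The following is an added illustration of the pattern the description above refers to, written for this page and not taken from LightLLM's code base: a handler that feeds an incoming WebSocket binary frame straight to pickle.loads(), next to two hardened alternatives. The function names and the sample frames are constructed for the example.

```python
import collections
import io
import json
import pickle

# Constructed: the vulnerable pattern described in the advisory. Every frame that
# reaches this handler is unpickled as-is, so an unauthenticated client fully
# controls what objects get built (and which importable callables get invoked).
def vulnerable_handle_frame(frame: bytes):
    return pickle.loads(frame)

# Hardened variant 1: keep pickle on the wire but refuse any frame that asks the
# unpickler to resolve a global (module.name lookup). Plain containers, numbers
# and strings never need find_class, so data-only frames still load; anything
# that tries to reference a class or function is rejected before it is built.
class NoGlobalsUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")

def hardened_handle_frame(frame: bytes):
    return NoGlobalsUnpickler(io.BytesIO(frame)).load()

def safe_load_or_none(frame: bytes):
    """Decode a frame with the restricted loader; None means it was rejected."""
    try:
        return hardened_handle_frame(frame)
    except pickle.UnpicklingError:
        return None

# Hardened variant 2: do not use pickle for untrusted input at all. A data-only
# format such as JSON cannot express "call this object", and the message is
# schema-checked before anything downstream touches it.
def json_handle_frame(frame: bytes):
    msg = json.loads(frame.decode("utf-8"))
    if not isinstance(msg, dict) or not isinstance(msg.get("request_id"), str):
        raise ValueError("frame does not match the expected schema")
    if not all(isinstance(t, int) for t in msg.get("tokens", [])):
        raise ValueError("tokens must be integers")
    return msg

# Constructed sample frames. PLAIN_FRAME contains only built-in containers;
# GLOBAL_FRAME references a class (collections.OrderedDict), which is the same
# mechanism a malicious pickle would use to reach a dangerous callable.
PLAIN_FRAME = pickle.dumps({"request_id": "req-1", "tokens": [1, 2, 3]})
GLOBAL_FRAME = pickle.dumps(collections.OrderedDict(a=1))
JSON_FRAME = json.dumps({"request_id": "req-1", "tokens": [1, 2, 3]}).encode()
```

The restricted loader is a containment measure; the real fix is authentication on the PD endpoints and moving to a data-only wire format, as the upgrade to 1.2.0 implies.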

Exploit · Fix · RCE · Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers: CVE-2026-26220

Affected Products: Lightllm