VYPR
High severity8.4OSV Advisory· Published Mar 12, 2024· Updated Apr 15, 2026

CVE-2024-27758

CVE-2024-27758

Description

In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
rpycPyPI
>= 4.0.0, < 6.0.06.0.0

Affected products

6

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.