Critical severity · NVD Advisory · Published Feb 17, 2026 · Updated Apr 15, 2026
CVE-2026-26220
Description
LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in PD (prefill-decode) disaggregation mode. The PD master node exposes WebSocket endpoints that receive binary frames and pass the data directly to pickle.loads() without authentication or validation. A remote attacker who can reach the PD master can send a crafted payload to achieve arbitrary code execution.
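As an added illustration (not code from LightLLM or from the advisory), the following Python contrasts the pattern the description names, socket frame bytes handed straight to pickle.loads(), with a restricted unpickler that refuses any global outside an allowlist; the allowlist and the sample frames are constructed for this example.

```python
import collections
import datetime
import io
import pickle

# Constructed allowlist: the only (module, name) globals a frame may resolve.
# Everything else, including the callables deserialization gadgets rely on,
# is refused before any object is built; bare pickle.loads() never checks.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves globals only from ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing global {module}.{name} from untrusted frame")


def vulnerable_loads(frame: bytes):
    # The pattern the advisory describes: socket bytes go straight into
    # pickle.loads(), so the sender decides which globals get resolved.
    return pickle.loads(frame)


def restricted_loads(frame: bytes):
    # Hardened form: same wire format, every global reference is checked.
    return RestrictedUnpickler(io.BytesIO(frame)).load()


def classify_frame(frame: bytes) -> str:
    """'accepted' or 'rejected', suitable for logging or alerting on rejects."""
    try:
        restricted_loads(frame)
        return "accepted"
    except pickle.UnpicklingError:
        return "rejected"


# Constructed sample frames: a benign request using an allowlisted type, and
# one referencing a global the protocol never needs (datetime.date here).
BENIGN_FRAME = pickle.dumps({"req_id": 1, "prompt_len": 128,
                             "meta": collections.OrderedDict(model="demo")})
FOREIGN_GLOBAL_FRAME = pickle.dumps(datetime.date(2026, 2, 17))
```

The allowlist only narrows what a frame can reference; the durable fix is to authenticate the WebSocket and replace pickle with a schema-validated format such as JSON.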
Affected products (1)
Patches (0)
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- chocapikk.com/posts/2026/lightllm-pickle-rce/ (NVD)
- github.com/ModelTC/LightLLM/issues/1213 (NVD)
- github.com/ModelTC/lightllm/blob/a27dfc88c2144ed51a6e160b6fbe20aad66c8fe0/lightllm/server/api_http.py (NVD)
- lightllm-en.readthedocs.io/en/latest/index.html (NVD)
- www.vulncheck.com/advisories/lightllm-pd-mode-unsafe-deserialization-rce (NVD)
News mentions (0)
No linked articles in our index yet.