VYPR
Critical severity 9.8 · NVD Advisory · Published May 19, 2026 · Updated May 20, 2026

CVE-2026-31072

Description

The JSONSerializer and CBORSerializer in APScheduler (all versions including 3.10.x and 4.0.0a5) are vulnerable to Remote Code Execution (RCE) via Insecure Deserialization. The unmarshal_object function allows arbitrary class instantiation and state injection by dynamically importing modules and calling __setstate__ on any class available in the Python environment. An attacker can exploit this by submitting a specially crafted JSON or CBOR payload to an application that uses these serializers.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

APScheduler JSON/CBOR serializers allow arbitrary code execution via insecure deserialization in versions 4.0.0a1 through 4.0.0a6.

Vulnerability

The JSONSerializer and CBORSerializer in APScheduler (versions 4.0.0a1 through 4.0.0a6) are vulnerable to Remote Code Execution (RCE) via insecure deserialization [1]. The _object_hook method in apscheduler/serializers/json.py detects the magic key _apscheduler_json and calls unmarshal_object from apscheduler/_marshalling.py [1]. This function dynamically imports arbitrary Python classes using a string reference (e.g., "module.path:ClassName"), instantiates the object via cls.__new__(cls), and then injects attacker-controlled state via __setstate__ [1]. The 3.x release line (latest stable 3.11.2) does not include these serializers [1].
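The import-by-reference, __new__, __setstate__ sequence described above, modelled in Python as an added example next to a hardened variant that replaces the dynamic import with a closed registry so that the reference string is only ever a dictionary key. This is illustrative code written for this page, not APScheduler's own serializer code; the class Trigger, the registry SAFE_CLASSES, the functions unmarshal_unsafe, unmarshal_safe, load_untrusted and accepts, and the "state" key used in the constructed sample documents are all assumptions.

```python
"""Added example: minimal model of the deserialization pattern the advisory
describes, beside a hardened variant. Not APScheduler's code; every name
(Trigger, SAFE_CLASSES, unmarshal_unsafe, unmarshal_safe, load_untrusted,
accepts) is hypothetical."""
import importlib
import json

MAGIC_KEY = "_apscheduler_json"  # magic key named in the advisory


class Trigger:
    """Constructed sample class standing in for a legitimately serialized object."""

    def __init__(self, interval: int = 0) -> None:
        self.interval = interval

    def __setstate__(self, state: dict) -> None:
        # Validate the state handed to us instead of trusting it blindly.
        interval = int(state["interval"])
        if interval < 0:
            raise ValueError("interval must be non-negative")
        self.interval = interval


def unmarshal_unsafe(ref: str, state: dict):
    """The pattern the advisory describes: import whatever 'module:Class' the
    document names, create it without __init__, then push document state into
    it. Any importable class becomes reachable, which is the root cause."""
    module_name, _, class_name = ref.partition(":")
    cls = getattr(importlib.import_module(module_name), class_name)
    obj = cls.__new__(cls)
    setstate = getattr(obj, "__setstate__", None)
    if setstate is not None:
        setstate(state)
    else:
        obj.__dict__.update(state)
    return obj


# Hardened variant: a closed registry (assumed) of the classes this application
# is willing to rebuild. No import ever happens based on document content.
SAFE_CLASSES = {"example_app:Trigger": Trigger}


def unmarshal_safe(ref: str, state):
    cls = SAFE_CLASSES.get(ref)
    if cls is None:
        raise ValueError(f"refusing unregistered class reference {ref!r}")
    if not isinstance(state, dict):
        raise ValueError("state must be a JSON object")
    obj = cls.__new__(cls)
    try:
        obj.__setstate__(state)  # the registered class validates its own state
    except (KeyError, TypeError, ValueError) as exc:
        raise ValueError(f"invalid state for {ref!r}: {exc}") from exc
    return obj


def safe_object_hook(obj: dict):
    """json.loads object_hook that honours the magic key only via the registry."""
    if MAGIC_KEY in obj:
        return unmarshal_safe(obj[MAGIC_KEY], obj.get("state", {}))
    return obj


def load_untrusted(document: str):
    """Parse a document from an untrusted source with the hardened hook."""
    return json.loads(document, object_hook=safe_object_hook)


def accepts(document: str) -> bool:
    """True if the hardened loader rebuilds the document, False if it refuses."""
    try:
        load_untrusted(document)
    except ValueError:
        return False
    return True


# Constructed sample documents (the "state" key is an assumed layout)
GOOD_DOC = json.dumps({MAGIC_KEY: "example_app:Trigger", "state": {"interval": 30}})
NEG_DOC = json.dumps({MAGIC_KEY: "example_app:Trigger", "state": {"interval": -1}})
BAD_DOC = json.dumps({MAGIC_KEY: "subprocess:Popen", "state": {}})  # refused before any import

if __name__ == "__main__":
    print(load_untrusted(GOOD_DOC).interval)   # 30
    print(accepts(NEG_DOC), accepts(BAD_DOC))  # False False
```

The registry is the substantive change: unmarshal_unsafe hands control to the document author by letting the reference string choose the module to import, while unmarshal_safe treats that string as nothing more than a lookup key, and the registered class validates its own state before accepting it.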

Exploitation

An attacker needs network access to submit a crafted JSON or CBOR payload to an endpoint that deserializes data using these serializers [1]. The attacker provides a payload containing the _apscheduler_json key with a reference string pointing to a class available in the Python environment (e.g., subprocess.Popen) and a state dictionary that triggers command execution [1]. No authentication is strictly required, though it depends on the specific deployment [1]. The _object_hook function passes the attacker-controlled reference and state directly to unmarshal_object, which performs the unsafe deserialization steps [1].

Impact

Successful exploitation allows the attacker to execute arbitrary Python commands on the server with the privileges of the APScheduler process [1]. This results in full compromise of confidentiality, integrity, and availability (CIA). The attacker can read, modify, or delete data, install malware, or pivot to other systems [1]. The privilege level achieved is the same as the user running the scheduler [1].

Mitigation

As of the publication date (2026-05-19), no official fix has been released for this vulnerability [1]. The vendor advises against using the v4.0 pre-release line in production due to potential breaking changes [2]. Users should avoid exposing APScheduler serializers to untrusted data input. If possible, switch to the stable 3.x series (3.11.2) which does not contain the vulnerable serializers [1]. There is no indication that this CVE is listed on the CISA Known Exploited Vulnerabilities (KEV) catalog at this time [1][2].

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0 (no patches discovered yet)

References: 1