CVE-2026-48207
Description
Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory Python-native mode with strict mode disabled and relies on DeserializationPolicy to restrict unsafe classes, functions, or module attributes.
This issue affects Apache Fory versions before 1.0.0.
Mitigation: Users of Apache Fory are recommended to upgrade to version 1.0.0 or later, which enforces DeserializationPolicy validation for the affected ReduceSerializer paths and thus fixes this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Apache Fory PyFory ReduceSerializer bypasses deserialization policy hooks in Python-native mode with strict mode disabled, allowing untrusted data deserialization.
Vulnerability Overview
CVE-2026-48207 is a critical deserialization vulnerability in Apache Fory's PyFory component. The ReduceSerializer fails to enforce the documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. This allows an attacker to bypass security restrictions that are intended to block unsafe classes, functions, or module attributes during deserialization [1].
Exploitation Conditions
Exploitation requires the application to deserialize attacker-controlled data using PyFory's Python-native mode with strict=False (strict mode disabled). The application must also rely on a custom DeserializationPolicy to restrict unsafe elements. When these conditions are met, the ReduceSerializer does not invoke the policy validation for the specific code paths, allowing an attacker to craft malicious serialized data that can lead to arbitrary class instantiation or function calls [1].
Impact and Mitigation
A successful exploit could lead to arbitrary code execution, data corruption, or other severe impacts depending on the application context. Apache has released version 1.0.0 of PyFory, which consistently enforces DeserializationPolicy validation for the affected paths. Users are strongly advised to upgrade to 1.0.0 or later [1]. Additionally, note that a related but separate vulnerability (CVE-2025-61622) in older versions (0.5.0 through 0.12.2) allowed RCE via an unguarded pickle fallback serializer, which was patched in version 0.12.3 [1].
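A dependency audit for the two version ranges named on this page, as an added example that is not part of the advisory or of the Apache Fory project. It assumes the package is installed under the PyPI name pyfory and uses only the version bounds stated above; pre-releases of a fixed version are conservatively treated as still affected.

```python
# Added example (not from the advisory or the Apache Fory project).
# Version ranges come from the advisory text; the PyPI name "pyfory" is assumed.
import re
from importlib import metadata

# (CVE id, first affected version inclusive, first fixed version exclusive)
ADVISORIES = [
    ("CVE-2026-48207", (0, 0, 0), (1, 0, 0)),   # every release before 1.0.0
    ("CVE-2025-61622", (0, 5, 0), (0, 12, 3)),  # 0.5.0 through 0.12.2
]

_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?(.*)$")


def parse_version(text):
    """'0.12.2' -> (0, 12, 2, 1); '1.0.0rc1' -> (1, 0, 0, 0).

    The last element is 1 for a plain final release and 0 for anything
    carrying a suffix, so a pre-release sorts before its final release.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    major, minor, patch, suffix = m.groups()
    final = 0 if suffix else 1
    return (int(major), int(minor or 0), int(patch or 0), final)


def affected_cves(version_text):
    """Return the CVE ids from ADVISORIES whose range covers this version."""
    v = parse_version(version_text)
    # lo + (0,) admits pre-releases of the first affected version;
    # hi + (1,) keeps pre-releases of the fix version inside the affected range.
    return [cve for cve, lo, hi in ADVISORIES if lo + (0,) <= v < hi + (1,)]


def audit_installed(package="pyfory"):
    """Return (installed version, applicable CVE ids); version is None if absent."""
    try:
        version = metadata.version(package)
    except metadata.PackageNotFoundError:
        return None, []
    return version, affected_cves(version)
```

Run `audit_installed()` in the environment that deserializes PyFory data; any non-empty CVE list means the upgrade to 1.0.0 or later is still outstanding.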
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0 (no patches discovered yet)
Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.
References: 2
News mentions: 0 (no linked articles in our index yet)