CVE-2026-27482
Unauthenticated DELETE Requests in Ray Dashboard Cause Availability Impact
Publication date: 2026-02-21
Last updated on: 2026-03-04
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anyscale | ray | up to 2.54.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-396 | Catching overly broad exceptions promotes complex error handling code that is more likely to contain security vulnerabilities. |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability can lead to denial-of-service (DoS) impacts by allowing attackers to remotely shut down Ray Serve or delete running jobs without authentication or user interaction.
- Availability loss due to Serve shutdown.
- Loss of running jobs caused by unauthorized DELETE requests.
There is no impact on confidentiality or code execution; the integrity impact is low and the availability impact is high. The vulnerability breaks the trust assumptions of developer-only endpoints by allowing unauthenticated destructive actions.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
Can you explain this vulnerability to me?
CVE-2026-27482 is a moderate severity vulnerability in Ray's dashboard HTTP server, versions 2.53.0 and below. The vulnerability arises because, while the server blocks browser-origin POST and PUT requests, it does not block DELETE requests. Key DELETE endpoints are unauthenticated by default, allowing an attacker who can reach the dashboard (e.g., if it is bound to 0.0.0.0) to issue DELETE requests from a browser via DNS rebinding or same-network access, without user interaction.

This allows attackers to shut down Ray Serve or delete jobs, causing denial-of-service (availability) impacts. The root cause is missing authentication and insufficient HTTP method restrictions on DELETE endpoints. The fix is to upgrade to Ray version 2.54.0 or higher, where a whitelist middleware restricts browser-origin requests to safe HTTP methods only (GET, HEAD, OPTIONS), blocking DELETE and other mutating methods. [1, 3, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthenticated DELETE HTTP requests to the Ray dashboard or job agent endpoints, especially those originating from browser contexts or from within the same network. Key vulnerable endpoints include `/api/serve/applications/` (which triggers `serve.shutdown()`), `/api/jobs/{job_or_submission_id}`, and `/api/job_agent/jobs/{job_or_submission_id}`.

To detect exploitation attempts, capture and analyze HTTP traffic targeting these endpoints, looking specifically for DELETE requests without authentication tokens.

Example commands include network traffic capture with tcpdump or tshark, filtered for DELETE methods on the relevant port (the default dashboard port), or a curl request to check whether DELETE requests are accepted without authentication.

- Using tcpdump to capture DELETE requests on port 8265 (default Ray dashboard port): `tcpdump -i any -A 'tcp port 8265 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'DELETE'`
- Using curl to test DELETE request acceptance without authentication: `curl -X DELETE http://<dashboard-host>:8265/api/serve/applications/ -v`. Note that if the request is accepted it actually shuts down Ray Serve, so run this check only against a non-production instance.
- Using browser developer tools or scripts to issue DELETE requests to the vulnerable endpoints and observe whether they succeed without authentication. [1]
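As an added example (not code from the page, the advisory, or the Ray project): a scan over constructed access-log lines that flags DELETE requests to the three endpoints named above and records whether the server accepted them, plus a function mirroring the 2.54.0 rule that browser-origin requests may use only GET, HEAD and OPTIONS. The log layout with a trailing Origin field, the sample lines and the path regexes are assumptions made for this example.

```python
import re

# DELETE endpoints the advisory names as unauthenticated by default; the regexes
# are mine (assumption: the job/submission id contains no slash).
VULNERABLE_DELETE_PATHS = [
    re.compile(r"^/api/serve/applications/?$"),
    re.compile(r"^/api/jobs/[^/]+/?$"),
    re.compile(r"^/api/job_agent/jobs/[^/]+/?$"),
]
# Methods the 2.54.0 whitelist middleware still allows for browser-originated requests.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

# Combined-log-style line whose last field is the Origin header; this layout is
# constructed for the example and assumes the proxy in front of port 8265 logs Origin.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "(?P<origin>[^"]*)"$'
)
# Constructed sample log: a benign GET, three DELETEs (two accepted, one rejected), a POST.
SAMPLE_LOG = """\
10.0.0.5 - - [21/Feb/2026:10:00:01 +0000] "GET /api/jobs/ HTTP/1.1" 200 512 "-"
10.0.0.9 - - [21/Feb/2026:10:00:07 +0000] "DELETE /api/serve/applications/ HTTP/1.1" 200 0 "http://untrusted.example"
10.0.0.9 - - [21/Feb/2026:10:00:08 +0000] "DELETE /api/jobs/raysubmit_abc123 HTTP/1.1" 200 0 "-"
10.0.0.9 - - [21/Feb/2026:10:00:09 +0000] "DELETE /api/job_agent/jobs/raysubmit_abc123 HTTP/1.1" 403 0 "http://untrusted.example"
10.0.0.5 - - [21/Feb/2026:10:00:10 +0000] "POST /api/jobs/ HTTP/1.1" 200 64 "-"
"""

def is_vulnerable_delete(method: str, path: str) -> bool:
    """True if the request targets one of the destructive DELETE endpoints."""
    path_only = path.split("?", 1)[0]
    return method == "DELETE" and any(p.match(path_only) for p in VULNERABLE_DELETE_PATHS)

def would_whitelist_block(method: str, origin: str) -> bool:
    """Mirror the fixed behaviour: a request carrying an Origin header (browser-originated)
    may only use safe methods. Requests with no Origin (curl, scripts) pass this check."""
    return bool(origin) and method not in SAFE_METHODS

def scan_access_log(text: str) -> list:
    """Return each destructive DELETE as a dict; 'accepted' means a 2xx status."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_vulnerable_delete(m["method"], m["path"]):
            continue
        status = int(m["status"])
        findings.append({"src": m["src"], "path": m["path"], "status": status,
                         "origin": "" if m["origin"] == "-" else m["origin"],
                         "accepted": 200 <= status < 300})
    return findings
```

An accepted DELETE without an Origin header (the third sample line) would not be stopped by the browser-origin whitelist alone, which is why the network restriction and token authentication described below still matter.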
What immediate steps should I take to mitigate this vulnerability?
The primary and recommended mitigation is to upgrade Ray to version 2.54.0 or higher, where this vulnerability is fixed by enforcing a whitelist of allowed HTTP methods for browser-originated requests, blocking DELETE and other mutating methods.
If an immediate upgrade is not possible, restrict network access to the Ray dashboard and job agent services by binding the dashboard to localhost or a trusted interface instead of 0.0.0.0, preventing remote or same-network unauthorized access.
Additionally, enable dashboard token authentication if available, so that sensitive endpoints require authentication.
Implement network-level controls such as firewall rules to block DELETE HTTP requests or restrict access to the dashboard ports.