CVE-2026-5536
Deserialization Vulnerability in FedML gRPC Server Allows Remote Attack
Publication date: 2026-04-05
Last updated on: 2026-04-30
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tensoropera | fedml | to 0.8.9 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the vulnerable gRPC server ports (8890 and above) to trusted hosts only.
Since the gRPC server uses add_insecure_port() and does not enforce authentication, it is critical to implement network-level controls such as firewall rules to block unauthorized access.
If possible, disable or stop the Fedml gRPC server until a patched version or secure configuration is available.
Avoid exposing the gRPC server on 0.0.0.0 (all interfaces) and bind it only to localhost or internal trusted networks.
Can you explain this vulnerability to me?
CVE-2026-5536 is a Remote Code Execution (RCE) vulnerability in Fedml versions up to 0.8.9. It occurs because the gRPC server component of Fedml, specifically the sendMessage() function, unsafely deserializes incoming messages using Python's pickle.loads() without any validation or authentication.
The gRPC server listens on all network interfaces on insecure ports starting at 8890 and accepts connections without requiring authentication. An attacker can send a specially crafted malicious pickle payload to the sendMessage() RPC method, which is then deserialized unsafely, allowing the attacker to execute arbitrary code remotely on the affected system.
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows an unauthenticated remote attacker to execute arbitrary code on the affected Fedml node. This means the attacker could potentially take full control of the system running Fedml, leading to data theft, system compromise, disruption of services, or further attacks within the network.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying if the Fedml gRPC server is running and exposed on network interfaces, specifically listening on port 8890 or higher without authentication.
You can scan your network or system for open ports starting at 8890 to check if the vulnerable gRPC server is accessible.
- Use nmap to scan for open ports: nmap -p 8890-8899 <target-ip>
- Use netstat or ss to check listening ports on the local system: netstat -tuln | grep 8890 or ss -tuln | grep 8890
Additionally, monitoring network traffic for unauthenticated gRPC calls to the sendMessage() RPC method on these ports may help detect exploitation attempts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated remote code execution via unsafe deserialization in the FedML gRPC server. This security weakness could lead to unauthorized access and manipulation of data on affected systems.
Such unauthorized access and potential data compromise may negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure system access controls.
However, the provided information does not explicitly state the direct impact on compliance with these regulations.