CVE-2026-10042
Deferred Deferred - Pending Action
Remote Code Execution in manga-image-translator via Unsafe Pickle Deserialization

Publication date: 2026-05-29

Last updated on: 2026-05-29

Assigner: VulnCheck

Description
manga-image-translator contains a remote code execution vulnerability in the shared API server mode due to unsafe deserialization of untrusted pickle data in the share.py module, where the /execute/{method_name} and /simple_execute/{method_name} endpoints deserialize attacker-controlled HTTP request bodies using pickle.loads(). A remote attacker can supply a crafted pickle payload to these endpoints to execute arbitrary code in the server process, resulting in full container compromise when running in the default Docker deployment as root.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-05-29
Generated
2026-06-19
AI Q&A
2026-05-29
EPSS Evaluated
2026-06-18
NVD
CVE-2026-10042
EUVD
EUVD-2026-33328
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
zyddnys manga-image-translator to main (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-10042 is a remote code execution (RCE) vulnerability in the manga-image-translator tool's shared API server mode. The issue arises because the server uses unsafe deserialization of untrusted pickle data in the share.py module, specifically in the /execute/{method_name} and /simple_execute/{method_name} endpoints. These endpoints deserialize attacker-controlled HTTP request bodies using pickle.loads(), which allows a remote attacker to supply a crafted pickle payload that executes arbitrary code within the server process.

This vulnerability is critical because when the tool is run in its default Docker deployment as root, exploitation leads to full container compromise. The root cause is the lack of restrictions on deserialization, allowing arbitrary code execution without authentication or with authentication bypass via nonce capture.

Impact Analysis

Exploitation of this vulnerability allows a remote attacker to execute arbitrary code on the server running manga-image-translator. This can lead to full compromise of the container running the application, especially since the default Docker deployment runs as root.

  • Complete control over the server process and container environment.
  • Potential for privilege escalation and host system compromise depending on Docker configuration.
  • Ability to run malicious commands, access sensitive data, or disrupt service availability.
Detection Guidance

This vulnerability can be detected by monitoring for suspicious HTTP requests sent to the vulnerable endpoints `/execute/{method_name}` and `/simple_execute/{method_name}` on the manga-image-translator server, especially those containing pickle payloads in the request body.

A practical detection method is to capture and analyze network traffic targeting port 5003 (the default port used by the server) for unusual or unexpected pickle serialized data.

Example commands to detect exploitation attempts include using network sniffing tools like tcpdump or Wireshark to filter HTTP POST requests to these endpoints.

  • tcpdump -i <interface> -A 'tcp port 5003 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep -i 'POST /execute/'
  • tcpdump -i <interface> -A 'tcp port 5003' | grep -i 'pickle' # to look for pickle data in HTTP bodies

Additionally, checking server logs for unexpected or unauthorized requests to these endpoints or for execution of unusual commands (e.g., creation of files like /tmp/PWNED) can help identify exploitation.

Mitigation Strategies

Immediate mitigation steps include updating the manga-image-translator software to a version that contains the security fix which replaces unsafe `pickle.loads()` calls with the safer `restricted_loads()` method in the `/execute/{method_name}` and `/simple_execute/{method_name}` endpoints.

If updating is not immediately possible, restrict network access to the vulnerable API endpoints, especially blocking external access to port 5003 to prevent remote attackers from sending malicious pickle payloads.

Avoid running the server as root inside Docker containers or any environment to limit the impact of a potential compromise.

Configure and enforce authentication nonces properly to prevent unauthorized access, and monitor for any suspicious activity targeting these endpoints.

Refer to the official fix commit (d744148) and apply the patch or upgrade to the fixed version as soon as possible.

Compliance Impact

The CVE-2026-10042 vulnerability allows remote code execution through unsafe deserialization, leading to full container compromise when running in default Docker deployments as root.

Such a vulnerability can severely impact compliance with common standards and regulations like GDPR and HIPAA because it compromises the confidentiality, integrity, and availability of data processed by the affected system.

Specifically, unauthorized code execution could lead to unauthorized access, data breaches, or manipulation of sensitive personal or health information, which are direct violations of data protection requirements under these regulations.

Therefore, organizations using the affected software without applying the security fix risk non-compliance with these standards due to the potential exposure and compromise of protected data.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-10042. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart