CVE-2026-56121
Feast Unsafe Deserialization RCE Before 0.63.0

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: VulnCheck

Description
Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The user_defined_function.body field of an OnDemandFeatureView spec is decoded from base64 and passed to dill.loads() before any authorization check is performed, enabling attackers to embed a malicious serialized Python object with an arbitrary __reduce__ method to execute OS commands as the feast service account.
Meta Information
Generated: 2026-06-25
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products (2 associated CPEs)
Vendor      Product   Version / Range
feast       feast     0.63.0
feast-dev   feast     up to 0.63.0 (excluding)
CWE
CWE-502: The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
AI Quick Actions (analysis generated by AI)
Executive Summary

CVE-2026-56121 is an unsafe deserialization vulnerability in Feast versions before 0.63.0. It occurs because the user_defined_function.body field of an OnDemandFeatureView specification is base64-decoded and then deserialized using dill.loads() without any prior authorization checks. This allows unauthenticated or unauthorized attackers to send a crafted gRPC request containing a malicious serialized Python object. The malicious object can exploit the __reduce__ method to execute arbitrary operating system commands with the privileges of the Feast service account.

Impact Analysis

This vulnerability can lead to remote code execution (RCE) on the server running the Feast service. Because the exploit requires no authentication or authorization, attackers can execute arbitrary OS commands remotely, potentially compromising the entire system. The commands run with the permissions of the Feast service account, which could lead to data breaches, system manipulation, or further attacks within the environment.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Feast to version 0.63.0 or later, where the unsafe deserialization vulnerability has been patched.

This update prevents unauthenticated remote code execution by changing how user-defined functions are deserialized, including introducing a parameter to skip unsafe deserialization during protobuf parsing.

Compliance Impact

The vulnerability allows unauthenticated remote code execution via unsafe deserialization, enabling attackers to execute arbitrary OS commands with the privileges of the Feast service account.

Such a critical security flaw (CVSS 9.3/9.8) can lead to unauthorized access, data breaches, and potential manipulation or exposure of sensitive data.

This can negatively impact compliance with standards like GDPR and HIPAA, which require strict controls to protect personal and sensitive data from unauthorized access and breaches.

Organizations using vulnerable versions of Feast may face increased risk of non-compliance due to potential data compromise resulting from exploitation of this vulnerability.

Detection Guidance

This vulnerability involves unsafe deserialization of a base64-encoded Python object in the user_defined_function.body field of an OnDemandFeatureView spec sent via a gRPC request to the Feast registry server. Detection can focus on monitoring and analyzing gRPC requests to the Feast registry server, especially those invoking ApplyFeatureView or similar RPCs that handle OnDemandFeatureView specifications.

Since the exploit involves sending a crafted gRPC request with a malicious serialized Python object, network detection can include inspecting gRPC traffic for unusual or unexpected base64-encoded payloads in the user_defined_function.body field.

Suggested commands or approaches include:

  • Use network packet capture tools such as tcpdump or Wireshark to capture gRPC traffic on the Feast registry server port. gRPC runs over HTTP/2, so Wireshark needs its HTTP/2 and gRPC dissectors (and the Feast .proto definitions) to decode the protobuf messages; if the registry is served over TLS, a capture shows only ciphertext and inspection has to happen on the server or at a TLS-terminating proxy.
  • Filter captured traffic for gRPC requests containing base64-encoded data in the user_defined_function.body field.
  • Example tcpdump command to capture traffic on port 6565 (default Feast registry gRPC port): tcpdump -i any port 6565 -w feast_grpc.pcap
  • Use grpcurl or similar tools to query the Feast registry server and inspect feature view definitions for suspicious or unexpected user_defined_function.body content.
  • Check Feast server logs for errors or unusual activity related to deserialization or ApplyFeatureView operations.

Note that no specific detection commands are provided in the available resources, so these suggestions are based on the nature of the vulnerability and typical network and application monitoring practices.
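The static check below is an added example, not Feast's code and not taken from the advisory: it base64-decodes a user_defined_function.body and walks its opcode stream with the standard library's pickletools instead of calling dill.loads(), reporting which call-capable opcodes are present and which (module, name) pairs the stream would import. dill writes standard pickle-protocol streams, so the same walk applies to its output. The module allowlist and the two sample payloads are assumptions constructed for the demo.

```python
import base64
import os
import pickle
import pickletools

# Opcodes that make loads() import a module or call something. A stream that is only
# data (dicts, strings, numbers) never needs them; a crafted __reduce__ payload always does.
CALL_OPS = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "BUILD", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "SHORT_BINSTRING", "BINSTRING"}


def inspect_udf_body(body_b64: str) -> dict:
    """Walk a base64 user_defined_function.body with pickletools.genops, which parses the
    opcode stream without executing it. Returns the call-capable opcodes present and the
    (module, name) pairs the stream would import on load."""
    raw = base64.b64decode(body_b64)
    ops, imports, strings = set(), [], []
    for op, arg, _pos in pickletools.genops(raw):
        ops.add(op.name)
        if op.name in STRING_OPS:
            strings.append(arg)
        elif op.name == "GLOBAL":                  # protocol <= 3: arg is "module name"
            imports.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:
            # protocol 4+: module and name are the two strings pushed just before
            imports.append((strings[-2], strings[-1]))
    return {"opcodes": sorted(ops & CALL_OPS), "imports": imports}


def is_suspicious(body_b64: str, allowed=("feast", "dill", "pandas", "numpy")) -> bool:
    """True if the body would import any top-level module outside the allowlist.
    The allowlist is an assumption for this demo, not Feast's policy; tune it to what
    legitimate on-demand feature view functions actually reference."""
    report = inspect_udf_body(body_b64)
    return any(mod.split(".")[0] not in allowed for mod, _name in report["imports"])


# Constructed samples (not from the advisory). BENIGN is plain data. SUSPECT pickles a
# reference to os.getenv by name: loading it only returns the function object, but it
# exercises exactly the import path a malicious __reduce__ payload depends on.
BENIGN = base64.b64encode(pickle.dumps({"feature": "x", "dtype": "float"})).decode()
SUSPECT = base64.b64encode(pickle.dumps(os.getenv)).decode()

if __name__ == "__main__":
    for label, body in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, inspect_udf_body(body), "suspicious=" + str(is_suspicious(body)))
```

The walk is an opcode-level triage aid for registry contents or captured requests, not a replacement for the 0.63.0 fix: anything that still reaches dill.loads() must be authorized first.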
