Skip to main content

RELATE LMS CVE-2026-47161

| EUVDEUVD-2026-32628 HIGH
Deserialization of Untrusted Data (CWE-502)
2026-05-27 GitHub_M
8.7
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
May 27, 2026 - 21:25 vuln.today
Analysis Generated
May 27, 2026 - 21:25 vuln.today
CVSS changed
May 27, 2026 - 20:22 NVD
8.7 (HIGH)

DescriptionGitHub Advisory

RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An attacker who can reach the message broker can execute arbitrary commands on the host server. Combined with missing network isolation in the code execution sandbox, this allows an authenticated student to achieve full Remote Code Execution (RCE) on the host system. Commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb fixes the issue.

AnalysisAI

Remote code execution in RELATE LMS (the inducer/relate web courseware platform) stems from its Celery task queue being configured to accept and unpickle untrusted messages (CELERY_ACCEPT_CONTENT included "pickle"). Because the code-execution sandbox lacks network isolation, an authenticated student can reach the message broker and deliver a malicious pickle payload that the worker deserializes, yielding arbitrary command execution on the host. No public exploit identified at time of analysis; the issue is corrected in commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb.

Technical ContextAI

RELATE is a Django-based learning management and courseware system that offloads asynchronous work to Celery workers backed by a message broker (typically Redis or RabbitMQ). The root cause is CWE-502 (Deserialization of Untrusted Data): the setting CELERY_ACCEPT_CONTENT was ["pickle", "json"], allowing workers to accept Python pickle-serialized messages. Pickle deserialization is inherently unsafe because crafted pickle streams can invoke arbitrary callables (e.g., via __reduce__) during loading, turning any party who can place messages on the broker into a code executor. The affected component per CPE is cpe:2.3:a:inducer:relate, and the fix narrows accepted content types to JSON only, eliminating the dangerous pickle deserialization path.

RemediationAI

Upstream fix available (commit); released patched version not independently confirmed - update RELATE to a build that includes commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb (https://github.com/inducer/relate/commit/d66ba5659b459bf1ba56b7109b5f9ecf197cbefb), which sets CELERY_ACCEPT_CONTENT to ["json"] only, and review the advisory GHSA-4mwh-mwv4-m252 for guidance. If you cannot deploy immediately, the highest-value compensating control is to override CELERY_ACCEPT_CONTENT to ["json"] in your own settings (and ensure task producers serialize with JSON), which directly removes the pickle deserialization path with the side effect of breaking any task that relied on pickle-only payloads such as complex Python objects. Additionally, restore network isolation around the code-execution sandbox so student-submitted code cannot reach the broker host/port, and place the Celery broker (Redis/RabbitMQ) on an isolated network segment with authentication enabled and firewall rules blocking access from sandbox and untrusted networks; the trade-off is added deployment complexity and the need to verify legitimate workers retain connectivity.

Share

CVE-2026-47161 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy