Skip to main content

AD_Miner EUVDEUVD-2026-41736

| CVE-2026-14723 MEDIUM
Deserialization of Untrusted Data (CWE-502)
2026-07-05 VulDB GHSA-2rqq-j7w9-23vp
4.8
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
4.8 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.3 MEDIUM

Local CLI argument injection requires low privilege and no interaction; scope unchanged; limited CIA impact confined to the AD_Miner process.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 05, 2026 - 08:35 vuln.today

DescriptionCVE.org

A vulnerability was determined in AD-Security AD_Miner 1.9.0. Affected is the function request_a of the file ad_miner/scripts/analyse_cache.py of the component Cache Handler. This manipulation of the argument sys.argv[1] causes deserialization. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.

AnalysisAI

Unsafe deserialization in AD-Security AD_Miner 1.9.0 allows a local low-privilege attacker to achieve code execution by supplying a crafted serialized payload as the sys.argv[1] argument to the Cache Handler's request_a function in analyse_cache.py. The attack is strictly local with no network exposure, and impacts confidentiality, integrity, and availability at a low level within the vulnerable process. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local low-privilege shell access
Delivery
craft malicious serialized payload
Exploit
invoke analyse_cache.py with payload as sys.argv[1]
Execution
trigger unsafe deserialization in request_a
Impact
execute arbitrary code in AD_Miner process context

Vulnerability AssessmentAI

Exploitation Exploitation requires local shell access to the host running AD_Miner 1.9.0 and the ability to directly invoke ad_miner/scripts/analyse_cache.py with a controlled sys.argv[1] argument - this is not a network-reachable attack surface. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 4.8 (AV:L/AC:L/AT:N/PR:L/UI:N with VC:L/VI:L/VA:L) reflects the constrained attack surface accurately: exploitation is strictly local, requires low-privilege shell access, and produces only limited impact per metric. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privilege attacker with local shell access on a host where AD_Miner 1.9.0 is installed crafts a malicious serialized Python object and passes it as sys.argv[1] when invoking analyse_cache.py directly. The request_a function deserializes the payload without validation, causing arbitrary code execution within the AD_Miner process at the privilege level of the invoking user. …
Remediation The upstream fix is proposed in GitHub PR #239 (https://github.com/AD-Security/AD_Miner/pull/239), which awaits acceptance - a released patched version is not independently confirmed at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-41736 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy