{"id":10168,"date":"2026-01-27T10:03:40","date_gmt":"2026-01-27T10:03:40","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/01\/27\/critical-vulnerability-in-python-ply-library-enables-remote-code-execution-poc-published\/"},"modified":"2026-01-27T10:03:40","modified_gmt":"2026-01-27T10:03:40","slug":"critical-vulnerability-in-python-ply-library-enables-remote-code-execution-poc-published","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/01\/27\/critical-vulnerability-in-python-ply-library-enables-remote-code-execution-poc-published\/","title":{"rendered":"Critical Vulnerability in Python PLY Library Enables Remote Code Execution \u2013 PoC Published"},"content":{"rendered":"<p>    Critical Vulnerability in Python PLY Library Enables Remote Code Execution \u2013 PoC Published<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe <a href=\"https:\/\/cybersecuritynews.com\/langgraph-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">deserialization<\/a> of untrusted pickle files.<\/p>\n<p>The vulnerability, assigned CVE-2025-56005, affects the undocumented\u00a0picklefile\u00a0parameter in the\u00a0yacc()\u00a0function, which remains absent from official documentation despite being present in the production release.<\/p>\n<p>The vulnerability stems from the\u00a0yacc(picklefile=\u2026)\u00a0parameter invoking\u00a0pickle.load()\u00a0on attacker-controlled files without validation.<\/p>\n<p>Python\u2019s pickle module inherently supports arbitrary code execution during deserialization through the\u00a0__reduce__()\u00a0method, enabling <a href=\"https:\/\/cybersecuritynews.com\/hackers-extensively-abuses-visual-studio-code\/\" target=\"_blank\" rel=\"noreferrer noopener\">malicious payloads<\/a> to execute system commands before parser initialization occurs.<\/p>\n<p>This presents a unique risk profile because the code execution happens silently during application startup, before any parsing logic is reached.<\/p>\n<p>The vulnerability is particularly dangerous in environments where parser tables are cached on disk, shared between services, or generated in <a href=\"https:\/\/cybersecuritynews.com\/jenkins-security-update\/\" target=\"_blank\" rel=\"noreferrer noopener\">CI\/CD pipelines<\/a>.<\/p>\n<p>Exploitation becomes possible when attackers can control, replace, or influence the pickle file path, such as:<\/p>\n<figure class=\"wp-block-table is-style-stripes\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<th>Area \/ Component<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><strong>Cached parser table locations<\/strong><\/td>\n<td>Locations where parser tables are stored locally<\/td>\n<\/tr>\n<tr>\n<td><strong>Shared network directories<\/strong><\/td>\n<td>Network-accessible shared folders<\/td>\n<\/tr>\n<tr>\n<td><strong>CI\/CD pipeline artifacts<\/strong><\/td>\n<td>Build and deployment output files<\/td>\n<\/tr>\n<tr>\n<td><strong>Configurable or writable file paths<\/strong><\/td>\n<td>Application-defined writable paths<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>The vulnerability can be demonstrated through a malicious pickle payload that executes system commands during deserialization.<\/p>\n<p>When\u00a0yacc(picklefile=\u2019exploit.pkl\u2019)\u00a0loads a crafted pickle file containing serialized objects with embedded\u00a0__reduce__()\u00a0methods, <a href=\"https:\/\/cybersecuritynews.com\/firefox-147-released\/\" target=\"_blank\" rel=\"noreferrer noopener\">arbitrary code execution<\/a> is guaranteed before the parser becomes operational.<\/p>\n<p> According to the <a href=\"https:\/\/github.com\/bohmiiidd\/Undocumented-RCE-in-PLY\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">advisory<\/a>, organizations should immediately implement the following mitigations:<\/p>\n<p>Avoid using the\u00a0picklefile\u00a0parameter with untrusted or externally writable files. Disable loading <a href=\"https:\/\/cybersecuritynews.com\/apple-font-parser-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">parser<\/a> tables from user-controlled locations.<\/p>\n<p>Treat all pickle files as potentially unsafe input. Regenerate parser tables dynamically rather than loading from disk.<\/p>\n<p>Developers should update applications that use PLY 3.11 and audit configurations for potential exposure through the undocumented parameter.<\/p>\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 94%,rgb(169,184,195) 100%)\"><strong>Follow us on <a href=\"https:\/\/news.google.com\/publications\/CAAqMggKIixDQklTR3dnTWFoY0tGV041WW1WeWMyVmpkWEpwZEhsdVpYZHpMbU52YlNnQVAB?hl=en-IN&amp;gl=IN&amp;ceid=IN:en\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Google News<\/a>, <a href=\"https:\/\/www.linkedin.com\/company\/cybersecurity-news\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">LinkedIn<\/a>, and <a href=\"https:\/\/x.com\/cyber_press_org\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">X<\/a> for daily cybersecurity updates. <a href=\"https:\/\/cybersecuritynews.com\/contact-us\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Contact us<\/a> to feature your stories.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/python-ply-library-vulnerability\/\">Critical Vulnerability in Python PLY Library Enables Remote Code Execution \u2013 PoC Published<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Abinaya<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/python-ply-library-vulnerability\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical Vulnerability in Python PLY Library Enables Remote Code Execution \u2013 PoC Published A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle files. The vulnerability, assigned CVE-2025-56005, affects the undocumented\u00a0picklefile\u00a0parameter in the\u00a0yacc()\u00a0function, which remains absent from official documentation despite [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,937,648],"tags":[130],"class_list":["post-10168","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-python","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10168"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10168"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10168\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}