CVE-2026-47117: OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The pr
Summary
OpenMed versions before 1.5.2 have a remote code execution vulnerability (RCE, where attackers can run commands on the affected system) in how it loads privacy-filter models. The vulnerability exists because the software uses overly broad pattern matching on user-supplied model names, allowing attackers to trick it into loading malicious code from external sources. An unauthenticated attacker can exploit this by providing a fake model repository containing harmful code that gets executed with the same permissions as the OpenMed service.
Solution / Mitigation
Update to OpenMed version 1.5.2 or later.
Vulnerability Details
CVSS score: 9.8 (critical)
EPSS: 0.0%
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack vector: network
Attack complexity: low
Privileges required: none
User interaction: none
June 2, 2026
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-47117
First tracked: June 2, 2026 at 02:10 PM