{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/jsonpickle/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.8,"id":"CVE-2021-47952"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["jsonpickle 2.0.0"],"_cs_severities":["critical"],"_cs_tags":["deserialization","remote code execution","cve-2021-47952"],"_cs_type":"advisory","_cs_vendors":["jsonpickle"],"content_html":"\u003cp\u003ejsonpickle version 2.0.0 is vulnerable to remote code execution. This vulnerability allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads that include \u003ccode\u003epy/repr\u003c/code\u003e objects. Attackers exploit this flaw by crafting JSON strings with \u003ccode\u003epy/repr\u003c/code\u003e directives that, when deserialized, invoke the \u003ccode\u003eeval\u003c/code\u003e function. This enables the execution of system commands and arbitrary code on systems that process these malicious JSON payloads. The vulnerability was published May 16th, 2026, and defenders should prioritize detection of malicious deserialization attempts.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious JSON payload containing a \u003ccode\u003epy/repr\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003epy/repr\u003c/code\u003e object contains a Python expression designed for code execution.\u003c/li\u003e\n\u003cli\u003eThe attacker sends the malicious JSON payload to a vulnerable application using jsonpickle 2.0.0.\u003c/li\u003e\n\u003cli\u003eThe application uses jsonpickle\u0026rsquo;s \u003ccode\u003edecode\u003c/code\u003e function to deserialize the JSON payload.\u003c/li\u003e\n\u003cli\u003eDuring deserialization, the \u003ccode\u003epy/repr\u003c/code\u003e directive is processed.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eeval\u003c/code\u003e function is invoked with the Python expression from the \u003ccode\u003epy/repr\u003c/code\u003e object.\u003c/li\u003e\n\u003cli\u003eThe Python expression executes arbitrary code or commands on the server.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves remote code execution, potentially leading to full system compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2021-47952 can lead to complete system compromise. Attackers can execute arbitrary code, potentially leading to data theft, system takeover, or denial of service. Given the critical CVSS score of 9.8, organizations using jsonpickle 2.0.0 are at high risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a patched version of jsonpickle if available.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect jsonpickle RCE via py/repr object\u0026rdquo; to detect deserialization attempts.\u003c/li\u003e\n\u003cli\u003eMonitor application logs for errors related to JSON deserialization.\u003c/li\u003e\n\u003cli\u003eImplement input validation to sanitize JSON payloads before deserialization.\u003c/li\u003e\n\u003cli\u003eConsult the VulnCheck advisory for additional context on exploitation vectors.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-16T16:17:25Z","date_published":"2026-05-16T16:17:25Z","id":"https://feed.craftedsignal.io/briefs/2026-05-jsonpickle-rce/","summary":"jsonpickle version 2.0.0 contains a remote code execution vulnerability, allowing attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects, which invoke the eval function.","title":"jsonpickle 2.0.0 Remote Code Execution via Deserialization of Malicious Payloads","url":"https://feed.craftedsignal.io/briefs/2026-05-jsonpickle-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Jsonpickle","version":"https://jsonfeed.org/version/1.1"}