CVE-2021-33026

CRITICAL

Flask-Caching <1.10.1 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-33026. PoCs published by CarlosG13, Agilevatester.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-33026, demonstrating remote code execution via Pickle deserialization in Flask-Caching. The PoC crafts a malicious serialized object, stores it in Memcached, and triggers execution by sending a crafted session cookie to the target Flask application.

Description

The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code. NOTE: a third party indicates that exploitation is extremely unlikely unless the machine is already compromised; in other cases, the attacker would be unable to write their payload to the cache and generate the required collision

Exploits (2)

nomisec WORKING POC 4 stars
by CarlosG13 · poc
https://github.com/CarlosG13/CVE-2021-33026

This repository contains a functional exploit for CVE-2021-33026, demonstrating remote code execution via Pickle deserialization in Flask-Caching. The PoC crafts a malicious serialized object, stores it in Memcached, and triggers execution by sending a crafted session cookie to the target Flask application.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Flask-Caching extension through 1.10.1
Auth required
Prerequisites: Access to Memcached service storing session cookies · Valid session cookie from the target Flask application
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC 1 stars
by Agilevatester · poc
https://github.com/Agilevatester/FlaskCache_CVE-2021-33026_POC

This repository contains a functional exploit PoC for CVE-2021-33026, demonstrating a deserialization vulnerability in Flask-Caching. The exploit leverages pickle deserialization to achieve remote code execution (RCE) by poisoning a Redis or Memcached cache with a malicious payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Flask-Caching (with Redis/Memcached backend)
No auth needed
Prerequisites: Access to a vulnerable Flask application using Flask-Caching with Redis/Memcached · Ability to poison the cache with a malicious payload
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/sh4nks/flask-caching/pull/209
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/pallets-eco/flask-caching/pull/209#issuecomment-1136397937

Scores

CVSS v3 9.8
EPSS 0.0729
EPSS Percentile 93.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-502
Status published
Products (2)
flask-caching_project/flask-caching < 1.10.1
pypi/Flask-Caching 0PyPI
Published May 13, 2021
Tracked Since Feb 18, 2026