CVE-2025-56005

CRITICAL

PLY 3.11 - RCE


Description

An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter of the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` executes embedded code via `__reduce__()` during deserialization, an attacker who can supply a malicious pickle file achieves code execution. The parameter is not mentioned in the official documentation or the GitHub repository, yet it is active in the PyPI release, which introduces a stealthy backdoor and persistence risk. NOTE: A third party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.

Exploits (2)

WORKING POC (via nomisec) by bohmiiidd, type: poc
https://github.com/bohmiiidd/Undocumument_RCE_PLY-yacc-CVE-2025-56005
WRITEUP (via nomisec) by tom025, type: poc
https://github.com/tom025/ply_exploit_rejection

Scores

CVSS v3: 9.8
EPSS: 0.0082
EPSS Percentile: 74.4%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-502
Status: published
Products (1): dabeaz/ply 3.11
Published: Jan 20, 2026
Tracked Since: Feb 18, 2026