Description
Unsafe Deserialization vulnerability in Modular Max Serve before 25.6, specifically when the "--experimental-enable-kvcache-agent" feature is used allowing attackers to execute arbitrary code.
References (6)
Core 6
Core References
Broken Link
https://github.com/modular/modular/blame/main/max/serve/kvcache_agent/kvcache_agent.py#L220
Issue Tracking, Patch
https://github.com/modular/modular/issues/4795
Exploit, Third Party Advisory
https://www.oligo.security/blog/shadowmq-how-code-reuse-spread-critical-vulnerabilities-across-the-ai-ecosystem
Scores
CVSS v3
8.4
EPSS
0.0008
EPSS Percentile
22.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-502
Status
published
Products (2)
modular/max
< 25.6.0
pypi/modular
0 - 25.6.0PyPI
Published
Nov 18, 2025
Tracked Since
Feb 18, 2026