VIR Vulnerability Intelligence Relay

Package impact

python PyPI / ray

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-41486 high 8.8 8.8 19d ago Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization python
CVE-2026-32981 unknown 2mo ago A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static fil… python
CVE-2026-27482 unknown 3mo ago Ray dashboard DELETE endpoints allow unauthenticated browser-triggered DoS (Serve shutdown / job deletion) python
CVE-2025-34351 unknown 6mo ago Ray's New Token Authentication is Disabled By Default python
CVE-2025-62593 unknown 6mo ago Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack python
CVE-2025-1979 unknown 1y ago Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information into Log File where the redis password is being logged in the standard logging. If the redis password is… python
CVE-2024-57000 unknown 1y ago Withdrawn Advisory: Command injection in Ray python
CVE-2023-48022 unknown 3y ago Ray has arbitrary code execution via jobs submission API python
CVE-2023-6020 unknown 3y ago Ray Missing Authorization vulnerability python
CVE-2023-6021 unknown 3y ago Ray Path Traversal vulnerability python
CVE-2023-6019 unknown 3y ago Ray OS Command Injection vulnerability python