Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Python PLY Code Execution through Malicious File
OESA-2026-1597
Summary
The PLY library for Python has a hidden feature that allows hackers to upload and run malicious code on your system. This can happen if you use the library to parse files, and you need to update the library to fix this issue. You should check the library's documentation and update it to the latest version to prevent this type of attack.
What to do
- Update python-ply to version 3.11-4.oe2403sp2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | python-ply | <= 3.11-4.oe2403sp2 | 3.11-4.oe2403sp2 |
Original title
python-ply security update
Original description
/ply/
/ply--*.egg-info/
Security Fix(es):
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk. NOTE: A third-party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.(CVE-2025-56005)
/ply--*.egg-info/
Security Fix(es):
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk. NOTE: A third-party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.(CVE-2025-56005)
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA... Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-56005 Vendor Advisory
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026