Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses

Filter by:

With package: python313Packages.lerobot

Found 1 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2026-25874

created 1 month ago Activity log

Created suggestion 1 month ago

LeRobot Unsafe Deserialization Remote Code Execution via gRPC

LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads() is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable attacker can achieve arbitrary code execution on the server or client by sending a crafted pickle payload through the SendPolicyInstructions, SendObservations, or GetActions gRPC calls.

References

https://chocapikk.com/posts/2026/lerobot-pickle-rce/ exploittechnical-description
https://github.com/huggingface/lerobot/issues/3047 issue-tracking
https://github.com/huggingface/lerobot/pull/3048 mitigation
https://github.com/huggingface/lerobot/issues/3134 vendor-advisory
https://www.vulncheck.com/advisories/lerobot-unsafe-deserialization-remote-code… third-party-advisory

Affected products

LeRobot

=<0.5.1

Matching in nixpkgs

pkgs.python312Packages.lerobot

Making AI for Robotics more accessible with end-to-end learning

nixos-25.11 0.4.0
- nixos-25.11-small 0.4.0
- nixpkgs-25.11-darwin 0.4.0

pkgs.python313Packages.lerobot

Making AI for Robotics more accessible with end-to-end learning

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.4.0
- nixos-25.11-small 0.4.0
- nixpkgs-25.11-darwin 0.4.0

pkgs.pkgsRocm.python3Packages.lerobot

Making AI for Robotics more accessible with end-to-end learning

nixos-unstable 0.5.0
- nixpkgs-unstable 0.5.0
- nixos-unstable-small 0.5.0
nixos-25.11 0.4.0
- nixos-25.11-small 0.4.0
- nixpkgs-25.11-darwin 0.4.0

Package maintainers

@GaetanLepage Gaetan Lepage <gaetan@glepage.com>

1