Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 15 Jun 2026 23:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 14 Jun 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | Comma AI Openpilot Pickle modeld.py pickle.loads deserialization | |
| First Time appeared |
Comma Ai
Comma Ai openpilot |
|
| Weaknesses | CWE-20 CWE-502 |
|
| CPEs | cpe:2.3:a:comma_ai:openpilot:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Comma Ai
Comma Ai openpilot |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-06-15T21:48:54.567Z
Reserved: 2026-06-14T06:43:50.623Z
Link: CVE-2026-12191
Updated: 2026-06-15T21:48:50.414Z
Status : Deferred
Published: 2026-06-14T23:16:35.993
Modified: 2026-06-15T20:42:32.707
Link: CVE-2026-12191
No data.
OpenCVE Enrichment
Updated: 2026-06-23T21:09:58Z