PatchSiren cyber security CVE debrief
CVE-2026-12191 Comma AI CVE debrief
CVE-2026-12191 is a vulnerability in Comma AI's Openpilot version 0.11. The issue is located in the `selfdrive/modeld/modeld.py` file, specifically in the `pickle.load` and `pickle.loads` functions of the Pickle module. This vulnerability allows for deserialization, potentially leading to code execution. The attack requires local access to the system. The CVSS score for this vulnerability is 7.1, indicating a High severity. The vulnerability was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2026-12191) and additional details can be found on [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-12191).
- Vendor
- Comma AI
- Product
- Openpilot
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-14
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-14
- Advisory updated
- 2026-06-15
Who should care
Users of Comma AI Openpilot version 0.11, particularly those with local access to the system, should be aware of this vulnerability and take necessary precautions.
Technical summary
The vulnerability is caused by the insecure use of `pickle.load` and `pickle.loads` in `selfdrive/modeld/modeld.py`. This allows for deserialization of untrusted data, which can lead to arbitrary code execution.
Defensive priority
High
Recommended defensive actions
- Update to a version of Openpilot that is not vulnerable.
- Restrict access to the system to prevent local exploitation.
- Monitor for any suspicious activity that could indicate exploitation of this vulnerability.
Evidence notes
The CVE was published on 2026-06-14T23:16:35.993Z and modified on 2026-06-15T20:42:32.707Z. The vendor, Comma AI, was contacted but did not respond.
Official resources
CVE-2026-12191 was publicly disclosed on 2026-06-14.