PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-47161 inducer CVE debrief

CVE-2026-47161 documents a HIGH-severity vulnerability in RELATE, a web-based courseware package. The issue stems from Celery workers configured to accept and deserialize pickle-encoded task messages, which lets anyone able to publish to the message broker execute arbitrary commands on the worker host. When combined with missing network isolation in the code execution sandbox, an authenticated student can reach the broker from inside the sandbox and achieve full Remote Code Execution (RCE) on the host system. The vulnerability was addressed in commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb. The CVSS 4.0 vector indicates network attack vector, low attack complexity, low privileges required, and high impact to confidentiality, integrity, and availability.

Vendor
inducer
Product
relate
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-27
Original CVE updated
2026-05-28
Advisory published
2026-05-27
Advisory updated
2026-05-28

Who should care

Organizations running RELATE LMS instances, educational institutions using the platform for coursework, security teams managing Celery-based task queues, and administrators responsible for sandboxed code execution environments.

Technical summary

The vulnerability exists in RELATE's Celery worker configuration, which accepts pickle as a task serialization format. Unpickling attacker-controlled bytes executes code during object reconstruction: a pickled object's __reduce__ hook can name any importable callable (os.system, for instance) and its arguments, and pickle.loads calls it while rebuilding the object. Any party able to publish a message to the broker can therefore run commands as the worker process. The missing network isolation in the sandboxed code execution environment compounds this: code submitted by an authenticated student can reach the broker from inside the sandbox, publish a pickle-encoded task, and escalate to RCE on the host that runs the workers. The fix commit removes pickle from the set of content types the Celery workers accept.
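To make the mechanism concrete, the following is an added Python example; it is not RELATE's or Celery's own code. It models a worker's accept_content check with the standard pickle and json modules only (no Celery dependency), so it runs offline. The content-type strings are the ones kombu uses for the "json" and "pickle" serializers; the _side_effect callable, the PickleGadget class and the deliver helper are assumptions made for illustration, and the gadget only records that it ran instead of spawning a shell.

```python
"""Added example, not RELATE's or Celery's code: a reduced model of a task
worker that decodes broker messages according to an accept_content list,
and a pickle payload that makes the unpickler call an attacker-chosen callable."""
import json
import pickle

# kombu's content types for the two serializer names used in Celery settings.
CONTENT_TYPES = {
    "json": "application/json",
    "pickle": "application/x-python-serialize",
}

RAN = []  # constructed: records gadget execution instead of running a command


def _side_effect(tag):
    """Stands in for os.system / subprocess in a real payload (assumption)."""
    RAN.append(tag)
    return tag


class PickleGadget:
    """__reduce__ names a callable and its arguments; pickle.loads invokes it
    while rebuilding the object, so the payload author picks what runs."""

    def __reduce__(self):
        return (_side_effect, ("gadget-ran",))


def build_malicious_message():
    """The bytes an attacker with publish access to the broker would send."""
    return pickle.dumps(PickleGadget())


def worker_deserialize(body, content_type, accept_content):
    """Simplified worker: reject content types outside accept_content, then
    decode with the matching loader. With pickle allowed, code runs on load."""
    allowed = {CONTENT_TYPES[name] for name in accept_content}
    if content_type not in allowed:
        raise ValueError(f"refused message with content-type {content_type!r}")
    if content_type == CONTENT_TYPES["pickle"]:
        return pickle.loads(body)  # attacker-chosen callable executes here
    return json.loads(body.decode("utf-8"))


def deliver(accept_content):
    """Feed the malicious message to a worker configured with accept_content.
    Returns ('loaded' or 'refused', list of recorded gadget executions)."""
    RAN.clear()
    body = build_malicious_message()
    try:
        worker_deserialize(body, CONTENT_TYPES["pickle"], accept_content)
        return ("loaded", list(RAN))
    except ValueError:
        return ("refused", list(RAN))


if __name__ == "__main__":
    print("accept_content=['pickle','json']:", deliver(["pickle", "json"]))
    print("accept_content=['json']:        ", deliver(["json"]))
```

The only difference between the two deliver calls is the worker's accept list: with pickle accepted the gadget runs before the worker has looked at a single task field, and with JSON only the message is refused at the content-type check without ever being decoded.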

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade RELATE to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb or later
  • Review Celery worker configuration: set accept_content (and result_accept_content, where used) to ['json'] and task_serializer/result_serializer to json or msgpack; changing only the producer-side serializer does not stop workers from unpickling messages that still arrive with a pickle content type
  • Implement network segmentation to isolate message brokers from untrusted networks
  • Audit code execution sandbox configurations for proper network isolation
  • Monitor for unauthorized access attempts to message broker infrastructure
  • Review application logs for suspicious deserialization activity or unexpected Celery task execution
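As an added audit helper for the configuration review above (not the project's or Celery's own code), the function below flags every setting in a Celery settings mapping that still lets pickle reach a worker. The setting names are Celery's (accept_content, result_accept_content, task_serializer, result_serializer, event_serializer, plus the legacy CELERY_* spellings); the four sample configurations are constructed for the example, and MISLEADING_CONFIG shows the case where only the producer's serializer was switched to JSON while workers still accept pickle.

```python
"""Added example, not RELATE's or Celery's code: audit a Celery settings
mapping for any path that lets pickle-encoded messages reach a worker."""

PICKLE_NAMES = {"pickle", "application/x-python-serialize"}

# Constructed sample configurations for the example.
VULNERABLE_CONFIG = {
    "task_serializer": "pickle",
    "result_serializer": "pickle",
    "accept_content": ["pickle", "json"],
}
# Producer side fixed, worker side not: still exploitable by anyone who can publish.
MISLEADING_CONFIG = {
    "task_serializer": "json",
    "result_serializer": "json",
    "accept_content": ["json", "pickle"],
}
HARDENED_CONFIG = {
    "task_serializer": "json",
    "result_serializer": "json",
    "accept_content": ["json"],
}
LEGACY_CONFIG = {  # pre-4.0 uppercase spelling of the same settings
    "CELERY_TASK_SERIALIZER": "json",
    "CELERY_ACCEPT_CONTENT": ["pickle"],
}


def _normalize(cfg):
    """Map both modern lowercase and legacy CELERY_* names to lowercase keys."""
    out = {}
    for key, value in cfg.items():
        name = key.lower()
        if name.startswith("celery_"):
            name = name[len("celery_"):]
        out[name] = value
    return out


def audit_celery_config(cfg):
    """Return one finding string per setting that admits pickle; an empty
    list means no pickle path was found in the settings given."""
    settings = _normalize(cfg)
    findings = []
    # Worker side: what the workers will decode. This is the setting that matters.
    for key in ("accept_content", "result_accept_content"):
        if key not in settings:
            if key == "accept_content":
                findings.append("accept_content unset: set it to ['json'] explicitly "
                                "rather than relying on the version-dependent default")
            continue
        allowed = {str(v).lower() for v in settings[key]}
        if allowed & PICKLE_NAMES:
            findings.append(f"{key} permits pickle: {sorted(allowed)}")
    # Producer side: what this application sends. Fixing only this is not enough.
    for key in ("task_serializer", "result_serializer", "event_serializer"):
        if str(settings.get(key, "")).lower() in PICKLE_NAMES:
            findings.append(f"{key} is pickle")
    return findings


if __name__ == "__main__":
    for label, cfg in [("vulnerable", VULNERABLE_CONFIG), ("misleading", MISLEADING_CONFIG),
                       ("hardened", HARDENED_CONFIG), ("legacy", LEGACY_CONFIG)]:
        print(f"{label}: {audit_celery_config(cfg) or 'no pickle path found'}")
```

Run it against the settings module or the dict passed to app.conf.update in a deployment; a clean result still says nothing about who can reach the broker, so the network segmentation items above stand on their own.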

Evidence notes

The vulnerability description is sourced from the official CVE record published by NVD on 2026-05-27. The fix commit and GitHub Security Advisory are cited as primary references. The weakness is classified as CWE-502 (Deserialization of Untrusted Data). Vendor identification is marked as requiring review due to incomplete product attribution in the source data.

Official resources

2026-05-27