HIGH
Comma AI
CVE published 2026-06-14
CVE-2026-12191
CVE-2026-12191 is a vulnerability in Comma AI's Openpilot version 0.11. The issue is located in the `selfdrive/modeld/modeld.py` file, specifically in the `pickle.load` and `pickle.loads` functions of the Pickle module. This vulnerability allows for deserialization, potentially leading to code execution. The attack requires local access to the system. The CVSS score for this vulnerability is 7.1, indicati [truncated]