CVE-2026-2970 | datapizza-labs datapizza-ai 0.0.2 cache.py RedisCache deserialization

Inserito da Angelo Barbosa | Feb 22, 2026 | CVE

A vulnerability labeled as critical has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization.

This vulnerability is documented as CVE-2026-2970. The attack requires being on the local network. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2970 | datapizza-labs datapizza-ai 0.0.2 cache.py RedisCache deserialization

Post correlati

CVE-2026-24855 | ChurchCRM up to 6.7.1 Create Events Description cross site scripting

CVE-2025-49156 | Trend Micro Apex One Virus Scan Engine link following

CVE-2024-28811 | Infinera hiT 7300 5.60.50 HTTP Invocation Privilege Escalation

CVE-2023-49747 | WebFactory Guest Author Plugin up to 2.3 on WordPress cross site scripting