CVE-2026-12191 | A vulnerability was found in Comma AI Openpilot 0.11. This i… | CVSS 7.8 HIGH

Description

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Metadata

CVE ID: CVE-2026-12191
State: PUBLISHED
Assigner: VulDB
Reserved: 2026-06-14 06:43 UTC
Published: 2026-06-14 23:00 UTC
Last updated: 2026-06-14 23:00 UTC
Primary CWE: CWE-502
Deserialization
Vendor / Product: Comma AI / Openpilot
Sources: cve.org · NVD

Severity & Metrics

7.8 HIGH CVSS 3.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R

Affected products (1)

Vendor	Product	Platform	Versions
Comma AI	Openpilot	—	0.11

Weakness (CWE)

CWE	Source	Description
CWE-20	cna	Improper Input Validation
CWE-502	cna	Deserialization

CVSS scores (4)

Score	Severity	Version	Source	Vector
8.5	HIGH	4.0	cna	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
7.8	HIGH	3.1	cna	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
7.8	HIGH	3.0	cna	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
6.8	N/D	2.0	cna	AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR

References (4)

VDB-370837 | Comma AI Openpilot Pickle modeld.py pickle.loads deserialization https://vuldb.com/vuln/370837
VDB-370837 | CTI Indicators (IOB, IOC, IOA) https://vuldb.com/vuln/370837/cti
CVE-2026-12191 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-12191
Submit #825699 | Comma AI Openpilot 0.11 Deserialization https://vuldb.com/submit/825699