CVE-2025-56005 in PLY
Summary
by MITRE • 01/20/2026
An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` function. This parameter accepts a `.pkl` file that is deserialized with `pickle.load()` without validation. Because `pickle` allows execution of embedded code via `__reduce__()`, an attacker can achieve code execution by passing a malicious pickle file. The parameter is not mentioned in official documentation or the GitHub repository, yet it is active in the PyPI version. This introduces a stealthy backdoor and persistence risk. NOTE: A third-party states that this vulnerability should be rejected because the proof of concept does not demonstrate arbitrary code execution and fails to complete successfully.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 05/31/2026
The CVE-2025-56005 vulnerability represents a critical security flaw in the PLY (Python Lex-Yacc) library version 3.11 that exposes systems to remote code execution through an undocumented feature. This vulnerability manifests in the yacc() function where the picklefile parameter processes serialized data without proper validation mechanisms. The flaw exists because the library accepts a .pkl file input that gets deserialized using pickle.load() without any security checks or input sanitization, creating a dangerous attack surface that directly violates security best practices for deserialization operations.
The technical implementation of this vulnerability stems from the inherent dangers of Python's pickle module which allows arbitrary code execution during deserialization through the _reduce_() method. When an attacker provides a malicious pickle file through the undocumented picklefile parameter, the pickle.load() function executes the embedded code without any sandboxing or validation, effectively bypassing normal security boundaries. This behavior aligns with CWE-502 which specifically addresses deserialization of untrusted data as a source of code execution vulnerabilities. The vulnerability operates at the core of Python's object serialization mechanism, making it particularly dangerous because it leverages the language's native capabilities to achieve unauthorized code execution.
The operational impact of this vulnerability extends beyond simple remote code execution to include persistent backdoor capabilities and stealthy system compromise. Since the picklefile parameter is undocumented and absent from official documentation or GitHub repositories, it represents a hidden attack vector that security teams may never discover through conventional means. The lack of visibility into this feature creates a significant risk for organizations that rely on PLY for parsing and lexical analysis tasks, as any system processing untrusted input through the yacc() function becomes potentially compromised. This vulnerability enables attackers to establish persistent access points and maintain control over affected systems, making it particularly concerning for enterprise environments where system integrity and security monitoring are paramount.
Security mitigations for CVE-2025-56005 require immediate action to prevent exploitation, including updating to patched versions of the PLY library where the undocumented parameter is removed or properly secured. Organizations should implement network segmentation and access controls to limit exposure to systems that utilize PLY libraries, while also conducting thorough code audits to identify any usage of the affected parameter. The vulnerability demonstrates the importance of proper input validation and secure coding practices, as highlighted by ATT&CK technique T1059.007 which covers command and scripting interpreter execution. Additionally, system administrators should monitor for unusual pickle file access patterns and implement security controls that prevent unauthorized deserialization operations, particularly in environments where untrusted data might be processed through Python applications. The vulnerability underscores the critical need for comprehensive security testing and the importance of maintaining awareness of all library features, both documented and undocumented, to prevent such stealthy security risks from compromising system integrity.