Vulnerability:
The pytries datrie package (up to version 0.8.3) is vulnerable to insecure deserialization due to the unsafe use of pickle.load() in the functions Trie.load(), Trie.read(), and Trie.__setstate__() within the trie file handler component (src/datrie.pyx). When a .trie file is loaded, the library first parses the trie binary data and then passes the remainder of the file directly to pickle.load() without validation. Because the pickle format can name and invoke arbitrary Python callables while a stream is being reconstructed, whoever controls the bytes after the trie section controls what code runs in the loading process.
An attacker can craft a malicious .trie file by appending a specially designed pickle payload after valid trie data. When this file is loaded by a victim application, arbitrary Python code embedded in the pickle payload is executed automatically. This behavior is not visible to the user, as the deserialization is hidden behind a seemingly safe data-loading API.
The vulnerability exists due to the absence of secure deserialization practices, such as validation of input data, use of safe serialization formats, or restriction of allowed object types during deserialization. Notably, the BaseTrie class is not affected, as it does not utilize pickle for data loading.
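The following is an added illustration, not code from the datrie project: it reproduces the file layout the advisory describes (a binary trie section followed by a pickle stream) with a constructed stand-in header in place of libdatrie's real format, shows the unsafe "read trie section, then pickle.load() the rest" pattern, and puts a restricted Unpickler beside it as one of the hardening options mentioned above. The TRIE_MAGIC header, the write_trie_file/read_unsafe/read_safe helpers, the ALLOWED allowlist and the Payload class are all assumptions made for the demonstration; the payload invokes os.getpid, a harmless callable, purely to prove that a callable named in the stream is executed during load.

```python
import io
import os
import pickle
import struct

# Constructed stand-in for the libdatrie binary section that datrie writes
# before the pickled values. Real .trie files carry libdatrie's own format;
# only the "binary section, then pickle stream" layout matters here.
TRIE_MAGIC = b"DATRIE-DEMO"


def write_trie_file(f, trie_blob: bytes, values) -> None:
    """Mimic the writer's layout: binary trie section first, then pickled values."""
    f.write(TRIE_MAGIC)
    f.write(struct.pack(">I", len(trie_blob)))
    f.write(trie_blob)
    pickle.dump(values, f)


def _read_trie_section(f) -> bytes:
    if f.read(len(TRIE_MAGIC)) != TRIE_MAGIC:
        raise ValueError("not a demo trie file")
    (size,) = struct.unpack(">I", f.read(4))
    return f.read(size)


def read_unsafe(f):
    """The vulnerable pattern: everything after the trie section goes
    straight to pickle.load(), which executes any callable the stream names."""
    blob = _read_trie_section(f)
    return blob, pickle.load(f)


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every GLOBAL/STACK_GLOBAL reference except an explicit allowlist
    (assumed here). Primitives and containers never reach find_class, so
    ordinary value payloads still load; attacker callables do not."""

    ALLOWED = {("builtins", "set"), ("builtins", "frozenset")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to load {module}.{name}")


def read_safe(f):
    """Hardened loader: same layout, restricted unpickler for the values."""
    blob = _read_trie_section(f)
    return blob, RestrictedUnpickler(f).load()


class Payload:
    """Constructed attacker object: on unpickling it invokes os.getpid,
    a harmless callable standing in for anything more damaging."""

    def __reduce__(self):
        return (os.getpid, ())


def make_file(values) -> bytes:
    buf = io.BytesIO()
    write_trie_file(buf, b"\x00" * 16, values)  # constructed dummy trie section
    return buf.getvalue()


def demo():
    """Load a benign and a malicious file through both loaders and report."""
    benign = make_file({0: "foo", 1: "bar"})
    malicious = make_file(Payload())
    results = {
        "benign_unsafe": read_unsafe(io.BytesIO(benign))[1],
        "benign_safe": read_safe(io.BytesIO(benign))[1],
    }
    # The unsafe loader runs the callable: the "value" it returns is our pid.
    results["callable_invoked"] = read_unsafe(io.BytesIO(malicious))[1] == os.getpid()
    try:
        read_safe(io.BytesIO(malicious))
        results["malicious_safe"] = "loaded"
    except pickle.UnpicklingError as exc:
        results["malicious_safe"] = f"refused: {exc}"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

A restricted Unpickler only narrows the attack surface to the allowlisted names; it does not make pickle a safe interchange format. For values that are plain strings, numbers and containers, serialising them with a non-executable format such as JSON is the stronger fix, and either way a .trie file from outside the trust boundary should be treated as untrusted input rather than as data.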
Impact:
This vulnerability allows a remote attacker to execute arbitrary code on the target system by tricking a victim into loading a malicious .trie file. As a result:
· Arbitrary Code Execution: Attackers can execute system-level commands on the victim machine during file loading.
· Full System Compromise: Successful exploitation can lead to complete compromise of confidentiality, integrity, and availability of the system.
· Supply Chain Risk: Applications relying on external or third-party .trie files may unknowingly introduce malicious payloads into trusted environments.
· Data Exfiltration and Manipulation: Attackers can access, modify, or delete sensitive data depending on execution privileges.
· Persistence and Backdoors: Malicious payloads can establish persistence mechanisms or install backdoors for long-term access.
The attack requires no authentication and can be delivered remotely, but it does require user interaction (loading the malicious file). The risk is therefore highest in deployments that load .trie files from untrusted or third-party sources.
CVE ID:
CVE-2026-5659
Vendor:
pytries
Product:
datrie
CVSS Score:
Base CVSS Score: 6.3
CVSS Base Vector (v3.x): AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Disclosure Timeline:
Vulnerability Discovered – 21-Mar-2026
Reported to Vendor – 21-Mar-2026
CVE ID Assigned – 06-Apr-2026
CVE Published – 06-Apr-2026
Credits:
Dhabaleshwar Das – Payatu Security Consulting Pvt. Ltd.