CVE-2026-27482: CWE-396: Declaration of Catch for Generic Exception in ray-project ray
CVE-2026-27482 is a medium-severity vulnerability in Ray versions 2.53.0 and below, where the dashboard HTTP server improperly restricts HTTP methods, allowing unauthenticated DELETE requests. This flaw enables remote attackers to shut down Serve components or delete jobs without user interaction if the dashboard or agent is exposed (e.g., bound to 0.0.0.0). The vulnerability arises from incomplete HTTP method filtering and lack of authentication on critical DELETE endpoints, leading to potential denial of service.
AI Analysis
Technical Summary
CVE-2026-27482 affects the Ray AI compute engine, specifically versions 2.53.0 and earlier. The issue stems from the dashboard HTTP server's handling of HTTP methods: while POST and PUT requests from browsers are blocked based on origin, DELETE requests are not similarly restricted. Moreover, key DELETE endpoints lack authentication by default. If the dashboard or agent is configured to be reachable externally (for example, by setting --dashboard-host=0.0.0.0), an attacker with network access or leveraging DNS rebinding can issue DELETE requests that forcibly shut down the Serve component or delete active jobs. This results in a denial-of-service condition impacting availability.

The vulnerability is categorized under CWE-396, indicating improper exception handling practices, which in this context relates to the generic catch declaration that may contribute to insufficient request validation. The CVSS v3.1 base score is 5.9 (medium severity), reflecting network attack vector, high attack complexity, no privileges required, required user interaction, unchanged scope, no confidentiality impact, low integrity impact, and high availability impact. No known exploits are currently reported in the wild.

The recommended remediation is upgrading to Ray 2.54.0 or later, where these endpoints are properly secured. Until then, administrators should avoid exposing the dashboard publicly and implement network-level access controls.
Potential Impact
The primary impact of this vulnerability is on availability, as attackers can remotely shut down critical Ray Serve components or delete running jobs without authentication or user interaction. This can disrupt AI compute workloads, causing service outages and loss of in-progress computations. Organizations relying on Ray for AI model serving or distributed computing may experience downtime, operational delays, and potential loss of productivity. Since the vulnerability does not affect confidentiality or significantly impact integrity, data breaches or unauthorized data modifications are unlikely. However, the ease of exploitation via network access or DNS rebinding increases risk, especially in environments where the dashboard is exposed to untrusted networks. This can affect cloud deployments, research labs, and enterprises using Ray in multi-tenant or less isolated network configurations.
Mitigation Recommendations
1. Upgrade all Ray deployments to version 2.54.0 or later immediately to apply the official fix.
2. Restrict access to the Ray dashboard and agent interfaces by binding them to localhost or internal IP addresses rather than 0.0.0.0.
3. Implement network-level controls such as firewalls, VPNs, or zero-trust segmentation to limit dashboard access to trusted users and systems only.
4. Disable or restrict DELETE HTTP methods on the dashboard server using reverse proxies or web application firewalls if upgrading is not immediately possible.
5. Monitor network traffic for unusual DELETE requests targeting the dashboard endpoints.
6. Educate administrators on the risks of exposing management interfaces publicly and enforce secure configuration baselines.
7. Consider deploying DNS rebinding protections on client networks to prevent exploitation via malicious web pages.
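The following added example (not Ray's own code) models the gap described in the technical analysis and the checks behind mitigation items 4 and 5: a browser-origin policy that guards only POST and PUT lets a cross-origin DELETE through, while guarding every state-changing method blocks it; a second function flags DELETE requests to management paths in access-log lines. The endpoint prefixes, host names and log lines are constructed placeholders, not Ray's real routes or log format.

```python
import re
from typing import Iterable, List, Optional, Set, Tuple

# Methods that change server state and therefore need the origin/host check.
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
WEAK_GUARD = {"POST", "PUT"}      # reproduces the gap: DELETE is not guarded
HARDENED_GUARD = STATE_CHANGING   # every state-changing method is guarded

def _hostname(value: str) -> str:
    """Strip scheme and port: 'http://host:8265' -> 'host'."""
    return value.split("://", 1)[-1].split("/", 1)[0].split(":", 1)[0]

def browser_request_allowed(method: str, host: Optional[str], origin: Optional[str],
                            allowed_hosts: Set[str], guarded: Set[str]) -> bool:
    """Cross-origin policy for a dashboard-style management server (generic model).

    `guarded` is the set of methods the Origin check applies to. A Host header
    naming a host outside `allowed_hosts` is rejected outright, which is what
    defeats DNS rebinding (the browser still sends the attacker's hostname).
    Requests without an Origin header (non-browser clients) are not the subject
    of this check; they must be covered by authentication on the endpoint.
    """
    if host is not None and _hostname(host) not in allowed_hosts:
        return False
    if method.upper() not in guarded:
        return True                      # unguarded method: no origin check at all
    if origin is None:
        return True
    return _hostname(origin) in allowed_hosts

# Detection side: flag DELETE requests to management endpoints in access logs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]+" (?P<status>\d{3})')
MGMT_PREFIXES = ("/api/serve/", "/api/jobs/")   # placeholder prefixes, not Ray's real routes

# Constructed sample log lines (common log format) for the demo.
SAMPLE_LOG = [
    '10.0.0.5 - - [21/Feb/2026:09:00:00 +0000] "GET /api/jobs/ HTTP/1.1" 200 512',
    '203.0.113.9 - - [21/Feb/2026:09:01:10 +0000] "DELETE /api/serve/applications/ HTTP/1.1" 200 0',
    '203.0.113.9 - - [21/Feb/2026:09:01:12 +0000] "DELETE /api/jobs/job-123 HTTP/1.1" 200 0',
    '10.0.0.5 - - [21/Feb/2026:09:02:00 +0000] "DELETE /static/app.js HTTP/1.1" 404 0',
]

def suspicious_deletes(lines: Iterable[str]) -> List[Tuple[str, str, int]]:
    """Return (client_ip, path, status) for every DELETE aimed at a management path."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m["method"] == "DELETE" and m["path"].startswith(MGMT_PREFIXES):
            hits.append((m["ip"], m["path"], int(m["status"])))
    return hits
```

A successful (2xx) DELETE from an address outside the cluster's management network is the signal worth alerting on; 4xx hits are still useful as reconnaissance indicators.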
Affected Countries
United States, China, Germany, United Kingdom, Japan, South Korea, France, Canada, India, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-19T19:46:03.540Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69997b9dbe58cf853b7530e1
Added to database: 2/21/2026, 9:32:13 AM
Last enriched: 2/21/2026, 9:46:29 AM
Last updated: 2/21/2026, 12:25:29 PM