python jsonpickle RCE (CVE-2021-47952) Exploits Malicious JSON Payloads
The National Vulnerability Database has detailed CVE-2021-47952, a critical remote code execution (RCE) vulnerability in python jsonpickle version 2.0.0. The flaw, rated CVSS 9.8, allows attackers to execute arbitrary Python code by deserializing specially crafted JSON payloads. The attack vector relies on py/repr objects within the JSON, which can cause the library to invoke the eval function during deserialization.
Attackers can craft such JSON strings to execute system commands and arbitrary code. This is not a theoretical bug: it is a direct path to full system compromise whenever an application deserializes untrusted input with this vulnerable library version. The core issue is insecure deserialization, a classic and often devastating vulnerability class (CWE-94).
Organizations using python jsonpickle 2.0.0 are at severe risk. Exploitation requires no authentication and no user interaction, and the attack vector is network-based, which makes this an extremely attractive target for adversaries. Applying patches or mitigations is paramount to prevent adversaries from gaining arbitrary code execution on vulnerable systems.
What This Means For You
- If your Python applications utilize `jsonpickle` version 2.0.0, you are directly exposed to critical remote code execution. Immediately identify all deployments using this library version and patch to a secure version. Audit any code that deserializes JSON inputs, especially from untrusted sources, to ensure it's not vulnerable to `py/repr` object abuse.
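One way to perform that audit-time check in code, as an added example that is not part of the original advisory or of the jsonpickle project: parse untrusted input with the standard-library `json` module first and refuse any document that carries a `py/`-prefixed directive (`py/repr`, `py/object`, ...) before it ever reaches `jsonpickle.decode`. The sample payloads and the `safe_load` / `find_pickle_tags` names are constructed for this example; the placeholder string stands in for the attacker-controlled value.

```python
import json
from typing import Any, List, Optional, Tuple

# jsonpickle encodes its Python-object directives as keys starting with "py/"
# ("py/repr", "py/object", "py/type", ...). Plain application data never needs them.
JSONPICKLE_TAG_PREFIX = "py/"

def find_pickle_tags(node: Any, path: str = "$") -> List[str]:
    """Recursively collect the JSON path of every key that starts with 'py/'."""
    hits: List[str] = []
    if isinstance(node, dict):
        for key, value in node.items():
            if isinstance(key, str) and key.startswith(JSONPICKLE_TAG_PREFIX):
                hits.append(f"{path}.{key}")
            hits.extend(find_pickle_tags(value, f"{path}.{key}"))
    elif isinstance(node, list):
        for index, item in enumerate(node):
            hits.extend(find_pickle_tags(item, f"{path}[{index}]"))
    return hits

def safe_load(raw: str, max_bytes: int = 64 * 1024) -> Tuple[Optional[Any], Optional[str]]:
    """Parse untrusted JSON with the stdlib (no code execution) and reject any
    document carrying jsonpickle directives. Returns (data, None) when clean,
    (None, reason) when rejected. Only a clean result should be handed on."""
    if len(raw.encode("utf-8")) > max_bytes:
        return None, "payload too large"
    try:
        data = json.loads(raw)
    except ValueError as exc:
        return None, f"invalid JSON: {exc}"
    tags = find_pickle_tags(data)
    if tags:
        return None, "jsonpickle directive(s) rejected: " + ", ".join(tags)
    return data, None

# Constructed sample inputs (not captured traffic).
CLEAN_SAMPLE = '{"user": "alice", "roles": ["viewer"]}'
SUSPICIOUS_SAMPLE = '{"user": {"py/repr": "<attacker-controlled expression, redacted>"}}'

if __name__ == "__main__":
    for sample in (CLEAN_SAMPLE, SUSPICIOUS_SAMPLE):
        data, reason = safe_load(sample)
        print("ACCEPTED" if reason is None else f"REJECTED ({reason})")
```

A rejection here is also worth logging with the source address, since a `py/repr` key in user-supplied JSON has no legitimate use and is a strong indicator of an exploitation attempt.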
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats. 3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK; the Sigma YAML is shown below.
CVE-2021-47952 - jsonpickle Malicious JSON Payload Deserialization

```yaml
title: CVE-2021-47952 - jsonpickle Malicious JSON Payload Deserialization
id: scw-2026-05-16-ai-1
status: experimental
level: critical
description: |
    Detects attempts to exploit CVE-2021-47952 by looking for the presence of 'py/repr'
    together with a common pattern for executing OS commands within the query string of a
    web request. This indicates a malicious JSON payload being sent to a vulnerable
    application using jsonpickle for deserialization.
author: SCW Feed Engine (AI-generated)
date: 2026-05-16
references:
    - https://shimiscyberworld.com/posts/nvd-CVE-2021-47952/
tags:
    - attack.initial_access
    - attack.t1505.003
logsource:
    category: webserver
detection:
    selection:
        # Both strings must be present in the same query string (|all).
        # Note: this only inspects the URL query; a JSON payload sent in a
        # POST body is not visible in standard webserver access logs.
        cs-uri-query|contains|all:
            - 'py/repr'
            - '__import__("os").system("'
    condition: selection
falsepositives:
    - Legitimate administrative activity
```
Source: Shimi's Cyber World
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2021-47952 | RCE | python jsonpickle 2.0.0 |
| CVE-2021-47952 | Deserialization | malicious JSON payloads containing py/repr objects |
| CVE-2021-47952 | Code Injection | deserializing JSON strings with py/repr directives that invoke the eval function |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 16, 2026 at 19:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.