CVE-2025-62593 describes a critical Remote Code Execution (RCE) vulnerability affecting Ray versions 2.9.3 and earlier. It allows attackers to execute arbitrary code within the Ray environment, with exploitation delivered through web browsers such as Firefox and Safari. The root cause is the Ray development team's decision to forgo authentication on key endpoints, which enables unauthorized code execution. A fix is available in version 2.52.0.
The impact of CVE-2025-62593 is severe. An attacker can leverage this RCE vulnerability to gain complete control over the Ray cluster, including the ability to execute arbitrary commands, access sensitive data stored within the cluster, and potentially pivot to other systems on the network. The lack of authentication on the /api/jobs and /api/job_agent/jobs/ endpoints makes exploitation relatively straightforward, particularly for attackers with access to a web browser. This vulnerability mirrors previous security concerns around Ray's endpoint security and highlights the ongoing need for robust authentication mechanisms. Because the vulnerability is triggered in a development context, developers using Ray for local testing or prototyping are also at significant risk.
CVE-2025-62593 was publicly disclosed on 2025-11-26. The vulnerability's ease of exploitation, combined with its CRITICAL CVSS score, suggests a high probability of exploitation. While no public proof-of-concept (PoC) has been released as of this writing, the lack of authentication on critical endpoints makes it likely that one will emerge. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting Ray clusters.
Exploit Status: EPSS 0.02% (4th percentile). CISA SSVC: no value listed.
The primary mitigation for CVE-2025-62593 is to immediately upgrade to Ray version 2.52.0 or later, which addresses the authentication deficiency. If upgrading is not immediately feasible, consider implementing a reverse proxy or WAF in front of the Ray cluster to enforce authentication on the vulnerable endpoints. While this is not a complete solution, it can significantly reduce the attack surface. Carefully review Ray's security documentation and consider implementing stricter network segmentation to limit the potential blast radius of a successful exploit. After upgrading, verify the fix by attempting to access the /api/jobs and /api/job_agent/jobs/ endpoints without proper authentication; access should be denied.
Update Ray to version 2.52.0 or higher. This corrects the remote code execution (RCE) vulnerability caused by insufficient protection against browser-based attacks and DNS rebinding attacks. The update mitigates the risk of an attacker exploiting developers running Ray by visiting malicious websites.
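The verification step above (unauthenticated requests to the two job endpoints must be denied) can be scripted. The following is an added example, not code from the Ray project or from this advisory; it assumes the dashboard listens on 127.0.0.1:8265 (Ray's usual default, treated here as an assumption) and adds a second probe with a foreign Host header, which covers the DNS rebinding case mentioned in the update note.

```python
"""Post-upgrade check for CVE-2025-62593: confirm the Ray dashboard's job
endpoints refuse unauthenticated requests, including requests that carry an
unexpected Host header (the DNS rebinding scenario)."""
import http.client
from dataclasses import dataclass

# Endpoints named in the advisory summary.
ENDPOINTS = ("/api/jobs", "/api/job_agent/jobs/")
DENIED = {401, 403}


@dataclass
class Probe:
    path: str
    host_header: str
    status: int


def verdict(probe: Probe, expected_host: str) -> str:
    """Classify one probe result.
    denied  : 401/403, the behaviour expected after the fix
    rebind  : a foreign Host header was accepted (2xx), DNS rebinding risk
    exposed : an unauthenticated request with the real Host succeeded (2xx)
    unclear : anything else (404, 5xx, redirects); inspect manually
    """
    if probe.status in DENIED:
        return "denied"
    if 200 <= probe.status < 300:
        return "rebind" if probe.host_header != expected_host else "exposed"
    return "unclear"


def probe(host: str, port: int, path: str, host_header: str, timeout=5.0) -> Probe:
    """GET `path` with no credentials and an explicit Host header."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Host": host_header})
        status = conn.getresponse().status
    finally:
        conn.close()
    return Probe(path, host_header, status)


def check_cluster(host="127.0.0.1", port=8265, expected_host="127.0.0.1:8265"):
    """Return (path, host_header, verdict) for every probe; all should be 'denied'."""
    results = []
    for path in ENDPOINTS:
        for hdr in (expected_host, "rebound.example:8265"):  # second value is constructed
            p = probe(host, port, path, hdr)
            results.append((path, hdr, verdict(p, expected_host)))
    return results


if __name__ == "__main__":
    for path, hdr, v in check_cluster():
        print(f"{path:<22} Host={hdr:<22} {v}")
```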
CVE-2025-62593 is a critical Remote Code Execution vulnerability in Ray versions up to 2.9.3 that allows attackers to execute arbitrary code via Firefox and Safari because of missing authentication.
If you are running Ray version 2.9.3 or earlier, you are potentially affected by this vulnerability. Assess your Ray deployment and prioritize upgrading.
Upgrade to Ray version 2.52.0 or later to remediate the vulnerability. As a temporary workaround, implement authentication on the /api/jobs and /api/job_agent/jobs/ endpoints.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of future exploitation. Monitor security advisories.
Refer to the official Ray security advisory at https://docs.ray.io/en/releases-2.51.1/ray-security/index.html for detailed information and mitigation guidance.