Vulnerabilities in ray-project
7 resultsCVE-2023-6019CRITICALRay Command Injection in cpu_profile ParameterEPSS 74.6%CVE-2023-6021HIGHRay Log File Local File IncludeEPSS 37.1%CVE-2023-6020HIGHRay Static File Local File IncludeEPSS 14.7%CVE-2026-32981HIGHRay Dashboard <= 2.8.0 Path Traversal Leading to Local File DisclosureEPSS 0.7%CVE-2026-41486HIGHRay: Remote Code Execution via Parquet Arrow Extension Type DeserializationEPSS 0.5%CVE-2025-62593CRITICALRay is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding AttackEPSS 0.4%CVE-2026-27482MEDIUMRay: Dashboard DELETE endpoints allow unauthenticated browser-triggered DoS (Serve shutdown / job deletion)EPSS 0.3%