ZI-SA-2026-002: Arbitrary Code Execution via Unsafe Deserialization in LabOne Q

Publication Date: 2026-04-30
Last Update: 2026-05-04
Current Version: V1.1
CVSS v3.1 Base Score: 7.8
CVSS v4.0 Base Score: 8.4


Summary

An internal security review of LabOne Q has revealed an unsafe deserialization vulnerability in the serialization framework. The vulnerability allows an attacker to craft a serialized experiment file that, when loaded by a victim, executes arbitrary code with the same privileges as the user running LabOne Q.

Zurich Instruments is not aware of any exploitation of this vulnerability. Zurich Instruments has released LabOne Q 26.1.2 and 26.4.0 to address this issue and strongly recommends that all customers update to one of these releases.

Affected Products and Solution

Affected Product and Versions: LabOne Q, versions from 2.41.0 up to (but not including) 26.1.2, and pre-releases 26.4.0b1 through 26.4.0b5, affected by CVE-2026-7584
Remediation: Update to 26.1.2 (security backport on the 26.1.x line) or to 26.4.0 or later. The package can be updated via pip install --upgrade laboneq

Note: Should you be bound to an earlier release of LabOne Q for compatibility reasons, please contact info@zhinst.com.

Workarounds and Mitigations

Zurich Instruments has identified the following specific workarounds and mitigations that customers can apply to reduce the risk:

  • Do not load untrusted experiment files: Only deserialize experiment files (JSON, YAML) that originate from a trusted source. Treat serialized experiment files with the same caution as executable scripts.
  • Validate file provenance: When receiving experiment files from external parties (e.g. for support or collaboration), verify their origin before loading them.
  • Audit serialized files: Before loading, inspect serialized experiment files and verify that only trusted classes are listed as deserializers.

Product-specific remediations can be found in the section Affected Products and Solution.

Please follow the General Security Recommendations.

General Security Recommendations

As a general security measure, Zurich Instruments strongly recommends that customers treat serialized experiment files as potentially executable content and only load files from trusted sources. It is advised to update to the latest version of LabOne Q at the earliest opportunity.

Product Description

LabOne Q is Zurich Instruments' open-source software framework for quantum computing experiment control. It provides a high-level Python interface for defining, compiling, and executing quantum experiments on Zurich Instruments hardware. LabOne Q includes a serialization framework that allows users to save and load experiment configurations, quantum processing unit (QPU) definitions, and related objects to and from JSON and YAML files.

Vulnerability Description

This chapter describes all vulnerabilities (CVE-IDs) addressed in this security advisory.

Vulnerability CVE-2026-7584

The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted arbitrary fully-qualified class names from the serialized data without any validation of the target class or restriction on which modules could be imported.

An attacker can craft a serialized experiment file that causes the deserialization engine to import and instantiate arbitrary Python classes with attacker-controlled constructor arguments, resulting in arbitrary code execution in the context of the user running the Python process.

Exploitation requires the victim to load a malicious file using LabOne Q's deserialization functions, for example a compromised experiment file shared for collaboration or support purposes.
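The two defensive measures above, an allow-listed class loader and a pre-load audit of serialized files, are illustrated in the added example below. This is not LabOne Q code and not the project's own import_cls: the real serializer's JSON layout is not described on the page, so the "__class__" key, the "laboneq." module prefix used as the allow-list, and the placeholder class name "somepkg.helpers.Sneaky" in the constructed sample document are all assumptions.

```python
"""Allow-listed class loading and pre-load auditing for serialized experiment files.

Added example, not LabOne Q code. The "__class__" key, the allow-list and the
sample documents are assumptions made for illustration.
"""
from __future__ import annotations

import importlib
import json
import re
from typing import Any, Iterable

# Assumed allow-list: module prefixes a deserializer is permitted to import from.
TRUSTED_MODULE_PREFIXES = ("laboneq.",)

# Matches a dotted, fully-qualified Python name such as "pkg.module.ClassName".
_DOTTED_NAME = re.compile(r"^[A-Za-z_]\w*(\.[A-Za-z_]\w*)+$")


class UntrustedClassError(ValueError):
    """Raised when serialized data names a class outside the allow-list."""


def is_trusted(qualname: str, allowed: tuple[str, ...] = TRUSTED_MODULE_PREFIXES) -> bool:
    """True only if the module part of qualname lies under an allowed prefix."""
    module, _, _cls = qualname.rpartition(".")
    return any(module == p.rstrip(".") or module.startswith(p) for p in allowed)


def unsafe_import_cls(qualname: str):
    """The pattern the advisory describes (CWE-502): whatever dotted name the
    file contains is imported and returned without any check. Shown for contrast only."""
    module, _, cls = qualname.rpartition(".")
    return getattr(importlib.import_module(module), cls)


def safe_import_cls(qualname: str, allowed: tuple[str, ...] = TRUSTED_MODULE_PREFIXES):
    """Hardened loader: validate the name and the allow-list before touching importlib."""
    if not _DOTTED_NAME.match(qualname) or not is_trusted(qualname, allowed):
        raise UntrustedClassError(f"refusing to import {qualname!r}: not in allow-list")
    module, _, cls = qualname.rpartition(".")
    return getattr(importlib.import_module(module), cls)


def load_is_refused(qualname: str, allowed: tuple[str, ...] = TRUSTED_MODULE_PREFIXES) -> bool:
    """Helper for checks: True if the hardened loader rejects qualname."""
    try:
        safe_import_cls(qualname, allowed)
    except UntrustedClassError:
        return True
    return False


def find_class_references(obj: Any, path: str = "$") -> Iterable[tuple[str, str]]:
    """Walk parsed JSON data and yield (json_path, dotted_name) for every string
    that looks like a fully-qualified class name, wherever it appears in the tree.
    Walking every string (not only "__class__" keys) is deliberate: the audit
    should not depend on knowing the exact schema."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            yield from find_class_references(value, f"{path}.{key}")
    elif isinstance(obj, list):
        for index, value in enumerate(obj):
            yield from find_class_references(value, f"{path}[{index}]")
    elif isinstance(obj, str) and _DOTTED_NAME.match(obj):
        yield path, obj


def audit_serialized(text: str, allowed: tuple[str, ...] = TRUSTED_MODULE_PREFIXES) -> list[tuple[str, str]]:
    """Return (path, name) pairs naming classes outside the allow-list.
    An empty list means the document references only trusted classes."""
    data = json.loads(text)  # json.loads builds plain dicts/lists and instantiates nothing
    return [(p, n) for p, n in find_class_references(data) if not is_trusted(n, allowed)]


# Constructed sample documents (not real LabOne Q files; the key names are assumed).
TRUSTED_DOC = json.dumps({"__class__": "laboneq.dsl.experiment.Experiment", "uid": "exp1"})
SUSPICIOUS_DOC = json.dumps({
    "__class__": "laboneq.dsl.experiment.Experiment",
    "sections": [{"__class__": "somepkg.helpers.Sneaky", "args": ["x"]}],
})

if __name__ == "__main__":
    for label, doc in (("trusted", TRUSTED_DOC), ("suspicious", SUSPICIOUS_DOC)):
        findings = audit_serialized(doc)
        print(f"{label}: {'OK' if not findings else 'REVIEW ' + str(findings)}")
```

The audit parses with json.loads only, which never instantiates classes, so it is safe to run on a file before deciding whether to hand it to the real deserializer. A YAML file would need a non-instantiating loader such as PyYAML's safe_load in the same role. Dotted strings that are not class names (for example a signal name like "q0.drive") will also be flagged; for an audit that is the right failure direction, since a false positive costs a glance and a false negative costs a code-execution.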

CVSS v3.1 Base Score: 7.8
CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v4.0 Base Score: 8.4
CVSS v4.0 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CWE: CWE-502: Deserialization of Untrusted Data

Additional Information

For further inquiries on security vulnerabilities in Zurich Instruments products, please contact security@zhinst.com.

History Data

V1.0 (2026-04-30): Publication Date
V1.1 (2026-05-04): Added CVE-2026-7584 identifier.


Terms of Use

The use of Zurich Instruments Security Advisories is subject to the following terms and conditions. Zurich Instruments provides these advisories "as-is" and without warranty of any kind. In no event shall Zurich Instruments be liable for any damages arising from the use of this advisory. Zurich Instruments reserves the right to update or modify this advisory at any time.

ZI-SA-2026-002 — © Zurich Instruments 2026