A vulnerability was found in Comma AI Openpilot 0.11 and classified as critical . This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module . The manipulation results in deserialization. This vulnerability is identified as CVE-2026-12191 . The attack is only possible with local access. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.