JustAppSec

Critical RCE fixed in Kedro logging configuration

Published 06 Apr 2026 · Updated 06 Apr 2026 · Source: CVEProject (cvelistV5)

TL;DR — A Critical Kedro startup-path bug can lead to remote code execution by loading an attacker-controlled Python logging configuration via KEDRO_LOGGING_CONFIG.

What happened

Kedro is a Python toolbox for building production-ready data science and ML pipelines. CVE-2026-35171 reports a Critical remote code execution (RCE) issue where Kedro loads a logging configuration file specified by the KEDRO_LOGGING_CONFIG environment variable without validation.

Per the CVE record, the issue stems from unsafe use of logging.config.dictConfig() with attacker-influenced configuration. The Python logging configuration schema supports a special "()" key that names a factory callable by dotted import path; dictConfig imports and calls that callable (with the remaining keys as keyword arguments) while building handlers, formatters or filters, so a config file that names an arbitrary callable can execute system commands during application startup.
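The following added example (written for this article, not Kedro's own code) shows the two halves of the problem in plain standard-library Python: an untrusted dictConfig dictionary whose "()" key makes logging instantiate a callable of the config author's choosing, and a hardened loader that rejects "()" factories and non-allowlisted classes before anything reaches dictConfig. Both config dictionaries are constructed inline; in the real issue the malicious one would come from the file named by KEDRO_LOGGING_CONFIG. The factory is a harmless marker rather than a shell command, and the class allowlist is an assumption for the example, but dictConfig resolves any importable dotted name exactly the same way.

```python
"""Illustrative example for the Kedro logging-config issue (not Kedro code)."""
import logging
import logging.config

# Allowlist of handler/formatter classes a config may instantiate. This list
# is an assumption for the example; adjust it to what your project needs.
ALLOWED_CLASSES = {
    "logging.StreamHandler",
    "logging.FileHandler",
    "logging.handlers.RotatingFileHandler",
    "logging.Formatter",
}

CALLS = []  # records each time the hypothetical factory below is invoked


def marker_factory(**kwargs):
    """Hypothetical callable an attacker names via "()". Harmless stand-in."""
    CALLS.append(dict(kwargs))
    return logging.StreamHandler()  # dictConfig expects a handler object back


# Constructed sample: an untrusted logging config. The "()" key tells
# dictConfig to import the dotted name and call it with the leftover keys as
# keyword arguments. Any importable callable resolves the same way.
MALICIOUS_CONFIG = {
    "version": 1,
    "handlers": {
        "evil": {
            "()": f"{__name__}.marker_factory",
            "payload": "whatever the config author wants passed in",
        }
    },
    "root": {"handlers": ["evil"], "level": "INFO"},
}

# Constructed sample: a benign config that only uses allowlisted classes.
SAFE_CONFIG = {
    "version": 1,
    "formatters": {"plain": {"format": "%(levelname)s %(message)s"}},
    "handlers": {
        "console": {"class": "logging.StreamHandler", "formatter": "plain"}
    },
    "root": {"handlers": ["console"], "level": "INFO"},
}


def load_unsafely(config):
    """Vulnerable pattern: hand untrusted config straight to dictConfig.

    Returns how many times the config-named factory has run; anything above
    zero means the config already executed code of its author's choosing.
    """
    logging.config.dictConfig(config)
    return len(CALLS)


def check_logging_config(config, allowed=ALLOWED_CLASSES):
    """Return a list of problems; empty means the config is acceptable.

    Walks the three sections in which dictConfig resolves dotted names and
    rejects "()" factories and any class outside the allowlist.
    """
    problems = []
    for section in ("formatters", "filters", "handlers"):
        for name, spec in (config.get(section) or {}).items():
            if "()" in spec:
                problems.append(f"{section}.{name}: '()' factory key not allowed")
            cls = spec.get("class")
            if cls is not None and cls not in allowed:
                problems.append(f"{section}.{name}: class {cls!r} not allowlisted")
    return problems


def load_safely(config):
    """Hardened loader: validate the dictionary, then apply it."""
    problems = check_logging_config(config)
    if problems:
        raise ValueError("unsafe logging config: " + "; ".join(problems))
    logging.config.dictConfig(config)
    return True


if __name__ == "__main__":
    print("problems in safe config:", check_logging_config(SAFE_CONFIG))
    print("problems in malicious config:", check_logging_config(MALICIOUS_CONFIG))
    print("factory calls after unsafe load:", load_unsafely(MALICIOUS_CONFIG))
```

The check runs on the parsed dictionary before dictConfig sees it, which is the only place such a gate can work: once dictConfig starts, the factory call happens as a side effect of configuration, not of any later logging call. A stricter variant would also refuse configs that arrive via an environment variable at all unless the path is under a trusted, read-only directory.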

Item                 Source value
Affected package     kedro
Affected versions    < 1.3.0
Severity             CVSS v3.1 9.8 (Critical)
Root cause class     Code injection / unsafe deserialization patterns in config handling

Who is impacted

  • Projects using kedro versions < 1.3.0.
  • Environments where an attacker can influence KEDRO_LOGGING_CONFIG (or otherwise control the logging configuration content loaded at startup), which is a common risk pattern in shared build/runner, notebook, or multi-tenant execution contexts.

What to do now

  • Follow vendor remediation guidance and apply the latest patched release available at the time of writing.

    "This vulnerability is fixed in 1.3.0."

  • Inventory where kedro is present in production and automation (lockfiles, SBOM/SCA results, container images, scheduled pipeline jobs) and prioritize anything that starts Kedro based on environment variables.
  • Audit how KEDRO_LOGGING_CONFIG is set and propagated (CI variables, .env files, container env, orchestration manifests) and reduce who/what can modify it.
  • If compromise is suspected, treat this as a startup-time code execution path: review recent runs for unexpected logging config paths and rotate credentials accessible to the affected runtime.

Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly; send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.
