CVE-2026-4870: In Qiskit SDK, specific functions may recurse too deeply and overflow the available stack space when encountering certain classical expressions.
IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontrolled recursion in the parser.
Metrics
- CVSS v3.1: 7.5
- Severity: HIGH
- Fixed in: —
- Affected Products: 1
HarborGuard Analysis
Synopsis
This is an uncontrolled recursion vulnerability in IBM Qiskit SDK versions 0.43.0 through 2.5.0. The flaw is reachable over the network without any authentication and is triggered by supplying crafted classical expressions to the SDK's parser, which recurses too deeply and overflows the available stack space, causing a segmentation fault. Successful exploitation crashes the affected service, resulting in a denial of service. No fix version has been published yet; HarborGuard tracks the advisory and will surface a patched rebuild the moment IBM releases one.
HarborGuard Coverage
Detection is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all customer images, including custom-built images that bundle the Qiskit SDK. Any image found to contain an affected version (0.43.0 through 2.5.0) is flagged immediately.
Status: Available
HarborGuard is capable of scoring this CVE at CVSS 7.5 HIGH and weighting it against each environment's compliance policy to determine urgency and routing. Findings are dispatched to the appropriate team inbox within each customer organization based on image ownership and policy configuration.
Status: Available
Because no fix version has been published, HarborGuard re-evaluates the upstream IBM advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment a remediated release appears. In the meantime, customers can use HarborGuard's policy controls to flag or block promotion of affected images through their pipelines.
Status: Pending upstream
Exploit Conditions
- Network reachability: Required
The vulnerable parser is exposed over the network, meaning an attacker must be able to send crafted input to the service across the internet or an internal network.
- Authentication: Not required
No credentials or account are needed; the attacker can submit malicious classical expressions as an unauthenticated caller.
- Victim interaction: Not required
No user action is required; the attacker triggers the fault directly by sending specially crafted input to the parser.
- Attack complexity: Low
Attack complexity is low, meaning the exploit is reliable and requires no special conditions, race timing, or environmental prerequisites.
Blast Radius
- Crashes the Qiskit SDK parser process via a segmentation fault, taking down any service or pipeline stage that depends on it.
- Makes quantum circuit compilation and execution unavailable for the duration of the outage, disrupting workloads that rely on the SDK.
- Repeated triggering allows an attacker to keep the service continuously unavailable with low effort due to the low attack complexity.
How HarborGuard Handles This
Available on HarborGuard: because no upstream fix exists for CVE-2026-4870, HarborGuard continuously monitors the IBM advisory on every ingest cycle. The moment a fix version is published, it will trigger an automated patched-image rebuild and, for customers with auto-remediation enabled, open a PR against affected workloads. Until then, HarborGuard surfaces the finding with a CVSS 7.5 HIGH rating so teams can act on compensating controls: network-policy rules that restrict unauthenticated access to Qiskit parser endpoints, egress filtering on affected workloads, or pipeline gates that block promotion of images containing affected SDK versions. Customers who have configured compliance policies requiring a minimum severity threshold for promotion blocks will have those policies applied automatically to any image matching the affected version range.
- IBM / Qiskit SDK ≤ 2.5.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
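
One way to implement the pipeline gate mentioned under "How HarborGuard Handles This", as an added example that is not HarborGuard's or IBM's code: it scans a pip-freeze style listing and blocks promotion when the SDK is pinned inside the advisory's range (0.43.0 through 2.5.0) or is not pinned at all. It assumes the SDK is installed under the PyPI name `qiskit`; `classify`, `gate` and the sample listing are constructed for illustration.

```python
import re

AFFECTED_MIN = (0, 43, 0)  # first affected release, from the advisory
AFFECTED_MAX = (2, 5, 0)   # last affected release, from the advisory
PACKAGE = "qiskit"         # assumption: the SDK's PyPI distribution name

NAME = re.compile(r"^\s*([A-Za-z0-9._-]+)")
PIN = re.compile(r"^\s*[A-Za-z0-9._-]+\s*(?:\[[^\]]*\])?\s*==\s*(\d[^\s;]*)")

def normalize(name):
    """PEP 503 normalization, so 'Qiskit' and 'qiskit' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def release_tuple(version):
    """Numeric release part, padded to three fields: '2.5.0rc1' -> (2, 5, 0).
    Pre-release suffixes are ignored, so an rc of an affected release is flagged."""
    parts = [int(p) for p in re.match(r"\d+(?:\.\d+)*", version).group(0).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(line):
    """Return 'affected', 'ok', 'unpinned', or None when the line is not the SDK."""
    line = line.split("#", 1)[0]
    name = NAME.match(line)
    if not name or normalize(name.group(1)) != PACKAGE:
        return None
    pin = PIN.match(line)
    if not pin:
        return "unpinned"  # bare name or range: resolve it before trusting the gate
    version = release_tuple(pin.group(1))
    return "affected" if AFFECTED_MIN <= version <= AFFECTED_MAX else "ok"

def gate(listing):
    """Scan a pip-freeze style listing; return (allow_promotion, findings)."""
    findings = []
    for number, line in enumerate(listing.splitlines(), 1):
        verdict = classify(line)
        if verdict in ("affected", "unpinned"):
            findings.append((number, line.strip(), verdict))
    return (not findings, findings)

# Constructed sample listing, not taken from any real image.
SAMPLE = "numpy==1.26.4\nQiskit[visualization]==2.1.0\nqiskit-aer==0.15.0\n"

if __name__ == "__main__":
    allow, findings = gate(SAMPLE)
    for number, text, verdict in findings:
        print(f"line {number}: {text} -> {verdict}")
    raise SystemExit(0 if allow else 1)
```

Run as a script, it exits non-zero when promotion should be blocked, so it can sit directly in a CI step.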