diff --git a/rpcpy/serializers.py b/rpcpy/serializers.py
index 4ae3eac..742998b 100644
--- a/rpcpy/serializers.py
+++ b/rpcpy/serializers.py
@@ -108,16 +108,21 @@ def decode(self, data: bytes) -> typing.Any:
         return cbor.loads(data)
+# Since the release of pickle to the external network may lead to
+# arbitrary code execution vulnerabilities, this serialization
+# method is not enabled by default. It is recommended to turn it on
+# when there is physical isolation from the outside.
+
 SERIALIZER_NAMES = {
     JSONSerializer.name: JSONSerializer(),
-    PickleSerializer.name: PickleSerializer(),
+    # PickleSerializer.name: PickleSerializer(),
     MsgpackSerializer.name: MsgpackSerializer(),
     CBORSerializer.name: CBORSerializer(),
 }
 SERIALIZER_TYPES = {
     JSONSerializer.content_type: JSONSerializer(),
-    PickleSerializer.content_type: PickleSerializer(),
+    # PickleSerializer.content_type: PickleSerializer(),
     MsgpackSerializer.content_type: MsgpackSerializer(),
     CBORSerializer.content_type: CBORSerializer(),
 }
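Review bot: Disabling pickle by commenting out its two registry entries leaves the only re-enable path as editing library source in two places (SERIALIZER_NAMES and SERIALIZER_TYPES), and a user who uncomments one but not the other gets a registry that knows the name but not the content type, or vice versa. A single explicit opt-in (for example a small `enable_pickle_serializer()` helper, or one module-level flag consulted when both dicts are built) keeps the two registries in sync and makes the decision visible in the caller's code rather than in a patched dependency. The new comment's wording is also hard to follow and gives "physical isolation" as the criterion, which is not the relevant one: `pickle.loads` runs code chosen by whoever produced the bytes, so the question is whether every peer that can reach the endpoint is trusted to execute code on this host. Suggested replacement for the four comment lines: `# pickle.loads executes code chosen by the sender of the bytes, so this serializer is off by default; enable it only when every client able to reach this service is trusted to run code on it.` Whether a request that still names the pickle content type now fails cleanly or raises an unhandled KeyError depends on the lookup code, which is outside this hunk and worth checking.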