2 matches found
CVE-2026-53874
CVE-2026-53874 affects picklescan up to version 1.0.0, with an unsafe deserialization flaw that allows unauthenticated users to execute arbitrary code by hiding eval calls under callable objects via getattr. When a pickle is loaded from an untrusted source, malicious code embedded in the pickle c...
CVE-2026-53874
creationtimestamp| type| source ---|---|--- 2026-02-02 20:45:20+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-9m3x-qqw2-h32h 2026-06-17 18:06:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moivozupwr2f 2026-06-22 00:39:57+00:00| seen|...