3 matches found
CVE-2025-71365 picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.myeval Detection Bypass
picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded...
EUVD-2025-205638
Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran.myeval...
PT-2026-55669
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.33 Description The software fails to detect malicious pickle files that utilize the numpy.f2py.crackfortran.param eval function within reduce methods. This flaw allows attackers to bypass security checks by...