Lucene search
K

1615 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-54499

Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Prior to 1.12.2, Stanza model loaders such as stanza.models.common.pretrain.Pretrain.load attempt torch.load..., weightsonly=True but fall back to torch.load...,...

7.5CVSS0.00302EPSS
Exploits0References4
CVE
CVE
added 5 days ago25 views

CVE-2026-54499

CVE-2026-54499 affects Stanza prior to 1.12.2, where model loading uses torch.load(..., weights_only=True) and on an attacker-controllable pickle.UnpicklingError falls back to weights_only=False, enabling arbitrary pickle code execution when loading a malicious .pt pretrain/file. The vulnerabilit...

7.5CVSS6.3AI score0.00302EPSS
Exploits0References4
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-54499 Stanza: Remote Code Execution via Unsafe Pickle Deserialization in Model Loaders

Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Prior to 1.12.2, Stanza model loaders such as stanza.models.common.pretrain.Pretrain.load attempt torch.load..., weightsonly=True but fall back to torch.load...,...

7.5CVSS0.00302EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 6 days ago4 views

CVE-2026-14535

A flaw was found in the fickling library, versions up to and including 0.1.11. A logic error in the security analysis passes allows an attacker to bypass intended safety checks during pickle deserialization. This vulnerability enables the invocation of arbitrary standard library modules, leading ...

9.8CVSS6AI score0.00321EPSS
Exploits1References7
OSV
OSV
added 6 days ago4 views

PYSEC-2026-1514 LangChain pickle deserialization of untrusted data

A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects versions prior to 0.2.4...

8.4CVSS6.4AI score0.00358EPSS
Exploits1References7
Snyk
Snyk
added 2026/07/04 3:15 p.m.6 views

Protection Mechanism Failure

Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Protection Mechanism Failure due to shared mutable state in the shortencode function. An attacker can execute arbitrary code by providing a malicious pickle payload...

9.8CVSS6.3AI score0.00321EPSS
Exploits1References2
NVD
NVD
added 2026/07/04 2:16 p.m.12 views

CVE-2026-14535

In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shortencodenode on every import node it inspects, regardless of whether the import is flagged as unsafe. This call registers the shortened code representation in...

9.8CVSS0.00321EPSS
Exploits1References4
NVD
NVD
added 2026/07/04 2:16 p.m.8 views

CVE-2026-14534

Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules posixsubprocess, site, and atexit in the UNSAFEIMPORTS denylist fickle.py. Because these modules are absent from the denylist, fickling's checksafety function returns LIKELYSAFE with zero...

8.8CVSS0.00342EPSS
Exploits1References4
EUVD
EUVD
added 2026/07/04 1:31 p.m.10 views

EUVD-2026-41676

In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shortencodenode on every import node it inspects, regardless of whether the import is flagged as unsafe. This call registers the shortened code representation in...

8.8CVSS5.9AI score0.00321EPSS
Exploits1References4
CVE
CVE
added 2026/07/04 1:31 p.m.20 views

CVE-2026-14535

Summary: CVE-2026-14535 affects Trail of Bits fickling up to version 0.1.11. A logic error in the UnsafeImportsML and MLAllowlist passes causes shared mutable state (AnalysisContext.reported_shortened_code) to poison deduplication, rendering MLAllowlist dead code and allowing certain pickle paylo...

9.8CVSS5.9AI score0.00321EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/07/04 1:25 p.m.10 views

EUVD-2026-41675

Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules posixsubprocess, site, and atexit in the UNSAFEIMPORTS denylist fickle.py. Because these modules are absent from the denylist, fickling's checksafety function returns LIKELYSAFE with zero...

8.8CVSS5.8AI score0.00342EPSS
Exploits1References4
CVE
CVE
added 2026/07/04 1:25 p.m.24 views

CVE-2026-14534

The CVE-2026-14534 issue affects the Python package fickling, up to version 0.1.10. The root cause is that the UNSAFE_IMPORTS denylist omits three standard library modules — _posixsubprocess, site, and atexit — causing check_safety() to return LIKELY_SAFE and allowing pickle payloads to deseriali...

8.8CVSS5.8AI score0.00342EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/07/04 1:25 p.m.34 views

CVE-2026-14534 Fickling check_safety() bypass via unlisted standard library modules (_posixsubprocess, site, atexit)

Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules posixsubprocess, site, and atexit in the UNSAFEIMPORTS denylist fickle.py. Because these modules are absent from the denylist, fickling's checksafety function returns LIKELYSAFE with zero...

8.8CVSS0.00342EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/07/04 1:25 p.m.7 views

CVE-2026-14534

Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules posixsubprocess, site, and atexit in the UNSAFEIMPORTS denylist fickle.py. Because these modules are absent from the denylist, fickling's checksafety function returns LIKELYSAFE with zero...

8.8CVSS5.8AI score0.00342EPSS
Exploits1References5
Snyk
Snyk
added 2026/07/04 3:12 a.m.7 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the makelabel function in the reduce method. An attacker can execute arbitrary commands by crafting...

8.1CVSS6.2AI score0.003EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 3:12 a.m.7 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the asyncio.unixevents.UnixSubprocessTransport.start function. An attacker can execute arbitrary commands...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/04 3:11 a.m.6 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the numpy.f2py.crackfortran process. An attacker can execute arbitrary code by crafting malicious pickle...

8.1CVSS6.2AI score0.003EPSS
Exploits0References2
NVD
NVD
added 2026/07/04 2:16 a.m.11 views

CVE-2025-71375

picklescan before 0.0.34 fails to detect the operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load...

8.1CVSS0.00365EPSS
Exploits0References2
NVD
NVD
added 2026/07/04 2:16 a.m.11 views

CVE-2025-71372

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling...

8.1CVSS0.00379EPSS
Exploits0References2
NVD
NVD
added 2026/07/04 2:16 a.m.11 views

CVE-2025-71373

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary code when loaded, compromising systems relying on...

8.1CVSS0.00444EPSS
Exploits0References2
Rows per page
Query Builder