CVE-2025-71350
CVE-2025-71350 concerns the Python package picklescan, with version pre-0.0.28 vulnerable. The issue arises because picklescan fails to detect malicious pickle payloads that leverage torch.utils.collect_env.run within reduce methods, enabling attackers to embed code in pickle files that may execu...