Lucene search
+L

32 matches found

Snyk
Snyk
added 2026/07/04 3:12 a.m.8 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the makelabel function in the reduce method. An attacker can execute arbitrary commands by crafting...

8.1CVSS6.2AI score0.003EPSS
Exploits0References2
OSV
OSV
added 2026/07/04 1:23 a.m.3 views

CVE-2025-71375 picklescan - Undetected Remote Code Execution via _operator.methodcaller

picklescan before 0.0.34 fails to detect the operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load...

7.6CVSS6.3AI score0.00365EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/04 1:23 a.m.40 views

CVE-2025-71343 picklescan - Arbitrary Code Execution via lib2to3.pgen2.pgen.ParserGenerator.make_label Detection Bypass

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.makelabel function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...

8.1CVSS0.003EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:8 p.m.16 views

CVE-2025-71355

CVE-2025-71355 : Picklescan prior to 0.0.25 fails to detect unsafe global functions in the Numpy library, enabling an attacker to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing._private.utils.runstring withi...

7.6CVSS6.1AI score0.00552EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 10:8 p.m.3 views

CVE-2025-71352 picklescan - Remote Code Execution via Undetected trace.Trace.runctx in Pickle Files

picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with trace.Trace.runctx payloads that bypass picklescan detection and...

7.6CVSS6.3AI score0.00637EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:13 p.m.6 views

CVE-2026-56315

picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...

9.8CVSS6.7AI score0.00757EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 12:12 p.m.8 views

EUVD-2025-210305

picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the reduce method to achieve remote code execution whe...

8.1CVSS6.5AI score0.00466EPSS
Exploits0References2
NVD
NVD
added 2026/06/21 2:16 p.m.17 views

CVE-2025-71351

picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit in the reduce method, allowing remote code execution. Attackers can craft pickle files that import dangerous libraries like os and execute arbitrary system commands, which evade picklescan detection and execute...

7.6CVSS0.00418EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/19 9:33 a.m.12 views

CVE-2026-49121

A flaw was found in AI Tensor Engine for ROCm AITER. This vulnerability allows unauthenticated remote attackers to execute arbitrary code by sending a specially crafted data package, known as a pickle payload, to a ZeroMQ ZMQ subscriber socket. This exploitation is possible due to a lack of...

9.8CVSS6.6AI score0.01104EPSS
Exploits1References6
Snyk
Snyk
added 2026/06/17 6:35 p.m.3 views

Incomplete List of Disallowed Inputs

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the incomplete deny-list in the deserialization. An attacker can execute arbitrary code on the end use...

9.8CVSS6.2AI score0.00623EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 3:5 p.m.18 views

CVE-2026-53873

The CVE-2026-53873 vulnerability affects picklescan prior to 1.0.4, where an incomplete blocklist for the profile module fails to block module-level profile.run(), enabling arbitrary code execution via exec() through crafted pickle files. Attackers can craft malicious pickles calling profile.run(...

9.8CVSS6.3AI score0.0046EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/12 6:30 p.m.9 views

Deserialization of Untrusted Data

Overview ludwig is a Declarative machine learning: End-to-end machine learning pipelines using data-driven configurations. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the predict method. An attacker can execute arbitrary code by supplying a maliciousl...

9.8CVSS6.1AI score0.006EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Pyro3 安全漏洞

Pyro3 is a Python remote object invocation library developed by Irmen de Jong. Version 3.x of Pyro3 contains a security vulnerability, which stems from issues with the pickle protocol. This vulnerability could allow arbitrary code to be executed through specially crafted pickle string messages...

9.8CVSS6.1AI score0.00569EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/23 10:53 a.m.8 views

CVE-2026-33155

A flaw was found in DeepDiff. A remote attacker could exploit a vulnerability in the RestrictedUnpickler component, which fails to limit constructor arguments for certain data types. By providing a specially crafted, small pickle payload, an attacker can force the application to allocate an...

8.7CVSS5.8AI score0.00452EPSS
Exploits1References5
Snyk
Snyk
added 2026/02/25 3:24 p.m.4 views

Incomplete List of Disallowed Inputs

Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the islikelysafe, checksafety, --check-safety, alwayschecksafety and checksafety interfaces. An attacker can execute arbitra...

5.3CVSS6.1AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/17 12:55 a.m.8 views

CVE-2025-67747

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing marshal and types from the block list of unsafe module imports. Fickling started blocking both modules to address this issue. This allows an attacker to craft a malicious pickle file that can bypass...

8.5CVSS7.6AI score0.00246EPSS
Exploits1References1
Saint
Saint
added 2025/10/24 12:0 a.m.119 views

BentoML runner server deserialization vulnerability

Added: 10/24/2025 CVE: CVE-2024-9070 Background BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Problem A deserialization vulnerability in the BentoML runner server allows remote attackers to execute arbitrary commands by sending a...

9.8CVSS9.8AI score0.00846EPSS
Exploits2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-0029

Malware in sbrugna...

7.8CVSS7.6AI score0.02391EPSS
Exploits1References6
Veracode
Veracode
added 2025/09/15 6:4 a.m.7 views

Remote Code Execution (RCE)

picklescan is vulnerable to Remote Code Execution RCE.The vulnerability is due to the GuardBuilder.get function being invoked from a crafted pickle's reduce method during deserialization, which bypasses Picklescan's checks and allows an attacker to execute arbitrary code when the victim calls...

8.2AI score
Exploits0
OSV
OSV
added 2025/08/26 6:37 p.m.6 views

GHSA-6W4W-5W54-RJVR Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity

Summary Using idlelib.autocomplete.AutoComplete.getentity, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.autocomplete.AutoComplete.getentity functio...

8.1CVSS7.9AI score0.00248EPSS
Exploits0References3
Rows per page
Query Builder