Lucene search
K

6 matches found

NVD
NVD
added 2026/06/23 1:16 p.m.13 views

CVE-2025-71370

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS0.00379EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 12:12 p.m.5 views

EUVD-2025-210307

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS6.2AI score0.00379EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 12:12 p.m.14 views

CVE-2025-71370

Vulnerability summary (CVE-2025-71370): picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via p...

8.1CVSS6.2AI score0.00379EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 12:12 p.m.33 views

CVE-2025-71370 picklescan - Remote Code Execution via torch.jit.unsupported_tensor_ops.execWrapper

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS0.00379EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/22 4:58 p.m.2 views

Remote Code Execution (RCE)

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Remote Code Execution RCE due to insufficient detection in the reduce method involving the torch.jit.unsupportedtensorops.execWrapper function...

6.7CVSS8.1AI score
Exploits0References2
OSV
OSV
added 2025/08/22 4:58 p.m.4 views

GHSA-VR7H-P6MM-WPMH Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper

Summary Using torch.jit.unsupportedtensorops.execWrapper function, which is a pytorch library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to torch.jit.unsupportedtensorops.execWrapper function...

8.1CVSS7.9AI score0.00379EPSS
Exploits0References5
Rows per page
Query Builder