Lucene search
+L

10 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2025-210391

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS6.1AI score0.00499EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/30 11:20 p.m.7 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the code.InteractiveInterpreter process in reduce methods. An attacker can execute arbitrary code by...

8.1CVSS6.1AI score0.00499EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:16 p.m.5 views

CVE-2025-71371

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

8.1CVSS0.00499EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:8 p.m.14 views

CVE-2025-71371

CVE-2025-71371 affects picklescan

8.1CVSS6.1AI score0.00499EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 10:8 p.m.4 views

CVE-2025-71371 picklescan - Remote Code Execution via code.InteractiveInterpreter Detection Bypass

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...

7.6CVSS6.3AI score0.00499EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54011

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description The software fails to detect malicious pickle files that utilize the code.InteractiveInterpreter.runcode function within reduce methods. This allows attackers to craft pickle payloads that bypass...

8.1CVSS6.1AI score0.00499EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/08/26 6:37 p.m.8 views

Picklescan has a missing detection when calling built-in python code.InteractiveInterpreter

Summary Using code.InteractiveInterpreter.runcode, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to code.InteractiveInterpreter.runcode function in reduce meth...

7.9AI score
Exploits0References3Affected Software1
Fedora
Fedora
added 2022/02/12 1:19 a.m.69 views

[SECURITY] Fedora 35 Update: ipython-7.26.0-3.fc35

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

8.8CVSS8.7AI score0.00657EPSS
Exploits1
Fedora
Fedora
added 2015/09/18 1:34 a.m.42 views

[SECURITY] Fedora 22 Update: ipython-2.4.1-8.fc22

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

4.3CVSS0.8AI score0.02768EPSS
Exploits1
Fedora
Fedora
added 2015/07/30 1:18 a.m.34 views

[SECURITY] Fedora 21 Update: ipython-2.4.1-7.fc21

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

8.8CVSS0.8AI score0.01201EPSS
Exploits1
Rows per page
Query Builder