2 matches found
CVE-2025-71347
The vulnerability concerns picklescan prior to 0.0.33, which fails to detect malicious pickle files that rely on numpy.f2py.crackfortran.param_eval in __reduce__ methods. This allows remote attackers to embed code that executes during deserialization in applications that load untrusted pickle data, e...
EUVD-2025-205659
Picklescan is vulnerable to RCE via missing detection when calling numpy.f2py.crackfortran.parameval...