85 matches found
CVE-2025-71366 picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_cprofile
picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.main.runcprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can embed undetected code in pickle files to achieve arbitrary code execution when victims load the files...
EUVD-2025-210390
picklescan before 0.0.30 fails to detect the doctest.debugscript function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files embedding doctest.debugscript calls that bypass picklescan detection and execute arbitrary command...
CVE-2025-71355
CVE-2025-71355 : Picklescan prior to 0.0.25 fails to detect unsafe global functions in the Numpy library, enabling an attacker to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing._private.utils.runstring withi...
PYSEC-2026-547 Deserialization of untrusted data in synthcity
A vulnerability, which was classified as critical, has been found in vanderSchaar LAB synthcity 0.2.9. Affected by this issue is the function loadfromfile of the component PKL File Handler. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been...
CVE-2025-71370
picklescan before 0.0.28 fails to detect malicious torch.jit.unsupportedtensorops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load...
CVE-2025-71344 picklescan - Arbitrary Code Execution via Undetected ensurepip._run_pip Function
picklescan before 0.0.30 affected versions 0.0.26 and earlier fails to detect the ensurepip.runpip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip.runpip calls in reduce methods bypass picklescan detection and...
CVE-2026-56304
picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to create arbitrary zero-byte files via logging.FileHandler class instantiation. Attackers can exploit this by crafting malicious pickle payloads to bypass RCE blocklists and create...
GHSA-WCR3-GM9F-F87Q Ludwig framework is vulnerable to insecure deserialization through its predict() method.
The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization CWE-502 through its predict method. When a user provides a dataset file path to the predict method, the framework automatically determines the file format. If the file is a pickle .pkl file, it is loaded using...
CVE-2026-31237
The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization CWE-502 through its predict method. When a user provides a dataset file path to the predict method, the framework automatically determines the file format. If the file is a pickle .pkl file, it is loaded using...
Deserialization of Untrusted Data
Overview monai is an AI Toolkit for Healthcare Imaging Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the algofrompickle function in monai/auto3dseg/utils.py. An attacker can execute arbitrary code by providing a crafted pickle file that is deserialized...
CVE-2026-3989
SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...
SGLangs `replay_request_dump.py` contains an insecure pickle.load() without validation and proper deserialization
SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...
CVE-2026-3989
SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...
CVE-2026-3989 CVE-2026-3989
SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...
CVE-2026-3989
SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...
CVE-2026-3989
CVE-2026-3989 affects SGLangs replay_request_dump.py, where an insecure pickle.load() is used without validation. The underlying issue is improper deserialization, enabling execution of attacker-supplied code when a malicious .pkl file is provided to the script. The CVE’s metrics indicate a high-...
Boltz contains an insecure deserialization vulnerability in its molecule loading functionality
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
CVE-2025-70559
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation, allowing an attacker who can place a malicious pickle file in a reachable location to trigger arbitrary...
CVE-2025-70559
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...
CVE-2025-70559
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...