Lucene search
K

7 matches found

OSV
OSV
added 2026/07/04 1:23 a.m.3 views

CVE-2025-71364 picklescan - Arbitrary Code Execution via Undetected asyncio.unix_events._UnixSubprocessTransport._start

picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...

7.6CVSS6.5AI score0.00555EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2025-210389

picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserializatio...

8.1CVSS6.5AI score0.00585EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.25 views

CVE-2025-71374 picklescan - Arbitrary Code Execution via Undetected profile.Profile.run

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files that bypass picklescan detection and achieve code execution upon...

8.1CVSS0.00638EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.25 views

CVE-2025-71352 picklescan - Remote Code Execution via Undetected trace.Trace.runctx in Pickle Files

picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with trace.Trace.runctx payloads that bypass picklescan detection and...

8.1CVSS0.00637EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/21 1:26 p.m.7 views

CVE-2025-71378

picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load...

8.1CVSS6.4AI score0.00338EPSS
Exploits1References3
CVE
CVE
added 2026/06/21 1:26 p.m.16 views

CVE-2025-71378

The CVE-2025-71378 entry concerns picklescan before 0.0.30 failing to detect cProfile.runctx calls in pickle file reduce methods. This allows a attacker-supplied, malicious pickle file to execute arbitrary code when loaded via pickle.load(), i.e., a remote code execution scenario. The issue is de...

8.1CVSS6.4AI score0.00338EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/06/21 1:26 p.m.6 views

EUVD-2025-210294

picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load...

8.1CVSS6.4AI score0.00338EPSS
Exploits1References2
Rows per page
Query Builder