60 matches found
Incomplete List of Disallowed Inputs
Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the checksafety function. An attacker can execute arbitrary code by crafting pickle payloads that import unlisted standard...
CVE-2025-71353
picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch.dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded...
CVE-2025-71347
picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.parameval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary cod...
CVE-2025-71353 picklescan - Remote Code Execution via torch._dynamo.guards.GuardBuilder.get
picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch.dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded...
CVE-2025-71345 picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_autograd_prof
picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.main.runautogradprof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code execution...
EUVD-2025-210411
picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.makelabel function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...
EUVD-2025-210410
picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes during pickle.load, enabling remote code execution in PyTorch models and supply chain attacks...
CVE-2025-71371
CVE-2025-71371 affects picklescan
CVE-2025-71350 picklescan - Undetected Remote Code Execution via torch.utils.collect_env.run
picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collectenv.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...
CVE-2025-71340
picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load, enabling supply chain attacks o...
CVE-2025-71340 picklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode
picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpreter.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when the file is loaded via pickle.load, enabling supply chain attacks o...
CVE-2025-71354
Summary: CVE-2025-71354 affects the Python package picklescan (prior to 0.0.29) via the idlelib.debugobj.ObjectTreeItem.SetText reduce path, allowing crafted pickle payloads to bypass detection and cause arbitrary code execution when pickle.load() is used. Affected software: picklescan (versions ...
CVE-2025-71354
picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.debugobj.ObjectTreeItem.SetText function in reduce methods. Attackers can craft pickle files with embedded code that bypasses picklescan detection and executes arbitrary commands when pickle.load is called...
CVE-2025-71376
picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetchcompletions in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims...
CVE-2025-71358
picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.getentity function in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims using pickle.load...
CVE-2025-71357
CVE-2025-71357 affects the Python package picklescan older than 0.0.30. The vulnerability arises from using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods, allowing attackers to embed code in pickle files that can execute remote commands when loaded by a victim. The connected so...
CVE-2026-53873 picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass
picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run function, allowing attackers to achieve arbitrary code execution via exec. Attackers can craft malicious pickle files calling profile.runstatement to execute arbitrary...
CVE-2026-53873 picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass
picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run function, allowing attackers to achieve arbitrary code execution via exec. Attackers can craft malicious pickle files calling profile.runstatement to execute arbitrary...
Incomplete List of Disallowed Inputs
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the unsafeglobals function. An attacker can execute arbitrary commands on the target system by crafting...
PT-2026-50467
Name of the Vulnerable Software and Affected Versions picklescan versions prior to 1.0.4 Description An incomplete blocklist for the profile module fails to block the module-level profile.run function. This allows attackers to achieve arbitrary code execution via exec by crafting malicious pickle...