30 matches found
EUVD-2025-16266
Malicious code in bioql PyPI...
EUVD-2025-16265
Malicious code in bioql PyPI...
CVE-2025-5174
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic. Affected by this issue is the function load of the file pypickle/pypickle.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to th...
Improper Authorization
pypickle is vulnerable to Improper Authorization. The vulnerability is due to insufficient access control in the Save function of pypickle/pypickle.py, allowing local attackers to perform unauthorized actions...
Improper Authorization
Overview: pypickle is a Python library to save and load variables in pickle files. Affected versions of this package are vulnerable to Improper Authorization due to the Save function. An attacker can manipulate the authorization process by exploiting local access to the system. This ...
Deserialization of Untrusted Data
Overview: pypickle is a Python library to save and load variables in pickle files. Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the load function. An attacker can manipulate serialized objects to execute arbitrary code by supplying...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5174 via pypickle (=1.1.0)
pypickle PyPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: kolibri-light >=0.1.1, <=0.3.2. Source CVEs: CVE-2025-5174. Source advisory: OSV:GHSA-5QWJ-342R-H886...
pypickle unsafe deserialization vulnerability
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic. Affected by this issue is the function load of the file pypickle/pypickle.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to th...
pypickle Incorrect Privilege Assignment vulnerability
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and m...
GHSA-QPXX-2CWH-R5VH pypickle Incorrect Privilege Assignment vulnerability
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and m...
GHSA-5QWJ-342R-H886 pypickle unsafe deserialization vulnerability
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic. Affected by this issue is the function load of the file pypickle/pypickle.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to th...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5175 via pypickle (=1.1.0)
pypickle PyPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: kolibri-light >=0.1.1, <=0.3.2. Source CVEs: CVE-2025-5175. Source advisory: OSV:GHSA-QPXX-2CWH-R5VH...
PYSEC-2025-46
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and m...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5175 via pypickle (=1.1.0)
pypickle PyPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: kolibri-light >=0.1.1, <=0.3.2. Source CVEs: CVE-2025-5175. Source advisory: OSV:PYSEC-2025-46...
CVE-2025-5175
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and m...
CVE-2025-5175 erdogant pypickle pypickle.py save improper authorization
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and m...
CVE-2025-5175
CVE-2025-5175 affects erdogant pypickle up to 1.1.5. The issue is in Save (pypickle/pypickle.py) leading to improper authorization. Exploitation is described as local and publicly disclosed. Remediation: upgrade to 2.0.0; patch 14b4cae704a0bb4eb6723e238f25382d847a1917.
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5174 via pypickle (=1.1.0)
pypickle PyPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: kolibri-light >=0.1.1, <=0.3.2. Source CVEs: CVE-2025-5174. Source advisory: OSV:PYSEC-2025-45...