EUVD-2025-29453

Malicious code in bioql PyPI...

GHSA-6VQJ-C2Q5-J97W Picklescan has a missing detection when calling built-in python profile.Profile.runctx

Summary Using profile.Profile.runctx, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to profile.Profile.runctx function in reduce method Then when the victim...