5 matches found

OSV
added 2025/09/17 12:30 p.m., 2 views

GHSA-HF6H-9WQ7-HMJG Duplicate Advisory: Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-f7qq-56ww-84cr. This link is maintained to preserve external references. Original Description: A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a...

CVSS 9.3 | AI score 6.9 | EPSS 0.00265
Exploits: 1 | References: 4

GitHub Security Blog
added 2025/09/17 12:30 p.m., 3 views

Duplicate Advisory: Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-f7qq-56ww-84cr. This link is maintained to preserve external references. Original Description: A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a...

CVSS 9.3 | AI score 6.9 | EPSS 0.00265
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2025/09/17 11:33 a.m., 6 views

CVE-2025-10157 PickleScan Bypasses Unsafe Globals Check Using Submodule Imports

A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. This is possible because the scanner performs an exact match for module names, allowing malicious payloads to be loaded via...

CVSS 9.3 | EPSS 0.00265
Exploits: 1 | References: 3

Vulnrichment
added 2025/09/17 11:33 a.m., 4 views

CVE-2025-10157 PickleScan Bypasses Unsafe Globals Check Using Submodule Imports

A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. This is possible because the scanner performs an exact match for module names, allowing malicious payloads to be loaded via...

CVSS 9.3 | AI score 6.5 | EPSS 0.00265
Exploits: 1 | References: 3

CVE
added 2025/09/17 11:33 a.m., 14 views

CVE-2025-10157

CVE-2025-10157 affects mmaitre314’s Picklescan up to version 0.0.30, describing a protection-mechanism failure that bypasses the unsafe-globals check by loading malicious payloads through submodules of dangerous packages (e.g., asyncio.unix_events). Exploitation could lead to arbitrary code execu...

CVSS 9.3 | AI score 6.5 | EPSS 0.00265
Exploits: 1 | References: 3 | Affected Software: 1