Critical severity9.8NVD Advisory· Published Feb 11, 2026· Updated Apr 15, 2026
CVE-2025-69872
CVE-2025-69872
Description
DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
diskcachePyPI | <= 5.6.3 | — |
Affected products
3- osv-coords2 versions
< 2.7.3-r0+ 1 more
- (no CPE)range: < 2.7.3-r0
- (no CPE)range: <= 5.6.3
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.