VYPR

picklescan

by mmaitre314

pypi: picklescan

CVEs (24)

  • CVE-2026-56315 (Jun 23, 2026)
    risk 0.00 | cvss | epss 0.01

    picklescan before 1.0.4 fails to block at least seven Python standard library modules (including uuid, _osx_support, _aix_support, _pyrepl.pager, and imaplib) exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files…

  • CVE-2025-71376 (Jun 23, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetch_completions in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims.

  • CVE-2025-71370 (Jun 23, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load().

  • CVE-2025-71365 (Jun 23, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when…

  • CVE-2025-71344 (Jun 22, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip._run_pip calls in __reduce__ methods…

  • CVE-2025-71339 (Jun 22, 2026)
    risk 0.00 | cvss | epss 0.00

    Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded by victims who trust Picklescan's…

  • CVE-2025-71378 (Jun 21, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load().

  • CVE-2025-71357 (Jun 21, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.

  • CVE-2025-71348 (Jun 21, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote…

  • CVE-2026-53875 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the __reduce__ trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while…

  • CVE-2026-53874 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.01

    picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files that evades detection but executes…

  • CVE-2026-53872 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.01

    picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like…

  • CVE-2025-71325 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.00

    picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at…

  • CVE-2025-71323 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.01

    picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary…

  • CVE-2025-71322 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.00

    PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attackers to bypass security checks. Malicious actors can craft pickle payloads using pty.spawn to achieve arbitrary code execution when files are processed by PickleScan.

  • CVE-2025-71321 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.01

    picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist by using distutils.file_util.write_file. Attackers can construct malicious pickle objects to overwrite critical system files and achieve denial of…

  • CVE-2025-71320 (Jun 17, 2026)
    risk 0.00 | cvss | epss 0.01

    picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary…

  • CVE-2025-10157 (Sep 17, 2025)
    risk 0.00 | cvss | epss 0.01

    A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. This is possible because the scanner performs an exact match for module names, allowing malicious payloads to be…

  • CVE-2025-10156 (Sep 17, 2025)
    risk 0.00 | cvss | epss 0.01

    An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file with a bad Cyclic Redundancy Check (CRC),…

  • CVE-2025-10155 (Sep 17, 2025)
    risk 0.00 | cvss | epss 0.01

    An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle file security checks by supplying a standard pickle file with a PyTorch-related file extension. When the…

Page 1 of 2