Picklescan
34 CVEsCVE IDSeverityProduct / summaryPublished
CVE-2025-71349
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, al…
2026-06-30
CVE-2025-71350
HIGH 7.6
Picklescan — picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in …
2026-06-30
CVE-2025-71352
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle f…
2026-06-30
CVE-2025-71355
HIGH 7.6
Picklescan — Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to b…
2026-06-30
CVE-2025-71363
HIGH 7.6
Picklescan — picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attack…
2026-06-30
CVE-2025-71368
HIGH 7.6
Picklescan — picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowi…
2026-06-30
CVE-2025-71371
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in r…
2026-06-30
CVE-2025-71374
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle …
2026-06-30
CVE-2025-71340
HIGH 7.6
Picklescan — picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpret…
2026-06-25
CVE-2025-71354
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.debugobj.ObjectTreeItem.S…
2026-06-24
CVE-2025-71361
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect malicious idlelib.calltip.Calltip.fetch_tip calls in pickle files, al…
2026-06-24
CVE-2026-56315
CRITICAL 9.3
Picklescan — picklescan before 1.0.4 fails to block at least seven Python standard library modules (including uuid, _osx_su…
2026-06-23
CVE-2025-71341
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allo…
2026-06-23
CVE-2025-71365
HIGH 7.6
Picklescan — picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval fun…
2026-06-23
CVE-2025-71370
HIGH 7.6
Picklescan — picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls…
2026-06-23
CVE-2025-71376
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetch_…
2026-06-23
CVE-2025-71339
HIGH 7.6
Picklescan — Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ …
2026-06-22
CVE-2025-71344
HIGH 7.6
Picklescan — picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-i…
2026-06-22
CVE-2025-71358
HIGH 7.6
Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete…
2026-06-22
CVE-2025-71348
HIGH 7.6
Picklescan — picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_co…
2026-06-21
CVE-2025-71351
HIGH 7.6
Picklescan — picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ met…
2026-06-21
CVE-2025-71357
HIGH 7.6
Picklescan — picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runc…
2026-06-21
CVE-2025-71378
HIGH 7.6
Picklescan — picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowin…
2026-06-21
CVE-2026-56304
MEDIUM 6.9
Picklescan — picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attac…
2026-06-20
CVE-2026-3490
CRITICAL 10
Picklescan — picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass the entire blocklist…
2026-06-17
CVE-2026-53872
HIGH 8.7
Picklescan — picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated atta…
2026-06-17
CVE-2026-53873
CRITICAL 9.3
Picklescan — picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module…
2026-06-17
CVE-2026-53874
CRITICAL 9.3
Picklescan — picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to exe…
2026-06-17
CVE-2026-53875
HIGH 7.1
Picklescan — picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows atta…
2026-06-17
CVE-2025-71320
CRITICAL 9.3
Picklescan — picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.method…
2026-06-17
CVE-2025-71321
CRITICAL 9.3
Picklescan — picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the …
2026-06-17
CVE-2025-71322
HIGH 8.7
Picklescan — PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attacker…
2026-06-17
CVE-2025-71323
CRITICAL 9.3
Picklescan — picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution…
2026-06-17
CVE-2025-71325
CRITICAL 9.3
Picklescan — picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOB…
2026-06-17