← Browse

Picklescan

34 CVEs
CVE IDSeverityProduct / summaryPublished
CVE-2025-71349 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect the built-in trace.Trace.run function when analyzing pickle files, al… 2026-06-30 CVE-2025-71350 HIGH 7.6 Picklescan — picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in … 2026-06-30 CVE-2025-71352 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle f… 2026-06-30 CVE-2025-71355 HIGH 7.6 Picklescan — Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to b… 2026-06-30 CVE-2025-71363 HIGH 7.6 Picklescan — picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attack… 2026-06-30 CVE-2025-71368 HIGH 7.6 Picklescan — picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowi… 2026-06-30 CVE-2025-71371 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in r… 2026-06-30 CVE-2025-71374 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle … 2026-06-30 CVE-2025-71340 HIGH 7.6 Picklescan — picklescan through 0.0.26 fails to detect malicious pickle files that invoke idlelib.pyshell.ModifiedInterpret… 2026-06-25 CVE-2025-71354 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.debugobj.ObjectTreeItem.S… 2026-06-24 CVE-2025-71361 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect malicious idlelib.calltip.Calltip.fetch_tip calls in pickle files, al… 2026-06-24 CVE-2026-56315 CRITICAL 9.3 Picklescan — picklescan before 1.0.4 fails to block at least seven Python standard library modules (including uuid, _osx_su… 2026-06-23 CVE-2025-71341 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allo… 2026-06-23 CVE-2025-71365 HIGH 7.6 Picklescan — picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval fun… 2026-06-23 CVE-2025-71370 HIGH 7.6 Picklescan — picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported_tensor_ops.execWrapper function calls… 2026-06-23 CVE-2025-71376 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetch_… 2026-06-23 CVE-2025-71339 HIGH 7.6 Picklescan — Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ … 2026-06-22 CVE-2025-71344 HIGH 7.6 Picklescan — picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-i… 2026-06-22 CVE-2025-71358 HIGH 7.6 Picklescan — picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete… 2026-06-22 CVE-2025-71348 HIGH 7.6 Picklescan — picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_co… 2026-06-21 CVE-2025-71351 HIGH 7.6 Picklescan — picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ met… 2026-06-21 CVE-2025-71357 HIGH 7.6 Picklescan — picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runc… 2026-06-21 CVE-2025-71378 HIGH 7.6 Picklescan — picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowin… 2026-06-21 CVE-2026-56304 MEDIUM 6.9 Picklescan — picklescan before 1.0.1 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attac… 2026-06-20 CVE-2026-3490 CRITICAL 10 Picklescan — picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass the entire blocklist… 2026-06-17 CVE-2026-53872 HIGH 8.7 Picklescan — picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated atta… 2026-06-17 CVE-2026-53873 CRITICAL 9.3 Picklescan — picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module… 2026-06-17 CVE-2026-53874 CRITICAL 9.3 Picklescan — picklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to exe… 2026-06-17 CVE-2026-53875 HIGH 7.1 Picklescan — picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows atta… 2026-06-17 CVE-2025-71320 CRITICAL 9.3 Picklescan — picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.method… 2026-06-17 CVE-2025-71321 CRITICAL 9.3 Picklescan — picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the … 2026-06-17 CVE-2025-71322 HIGH 8.7 Picklescan — PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attacker… 2026-06-17 CVE-2025-71323 CRITICAL 9.3 Picklescan — picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution… 2026-06-17 CVE-2025-71325 CRITICAL 9.3 Picklescan — picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOB… 2026-06-17