CVE-2026-3490

CRITICAL 10

Published 2026-06-17 · Last modified 2026-06-18

picklescan before 1.0.4 fails to block pkgutil.resolve_name, allowing attackers to bypass the entire blocklist by resolving any dangerous function through indirect REDUCE calls. Remote attackers can invoke any blocked function such as os.system, builtins.exec, or subprocess.call to achieve remote code execution.

ELEVATED IMPACT

Severe if exploited (CVSS 10), but no known exploitation and low modeled probability. Patch on a normal cadence.

Exploitation likelihood

0.6% chance of exploitation in 30 days · 45th percentile

○ In CISA KEV ○ Public exploit / PoC

Impact if exploited

10 · CVSS 4.0 · CRITICAL

  • Confidentiality: High
  • Integrity: High
  • Availability: High

What an attacker needs

  • Access: Reachable over the network — no local access needed
  • Privileges: No account or privileges required
  • User interaction: No user interaction needed
  • Complexity: No special conditions — reliably repeatable
  • Requirements: No special attack requirements

Affected

Vendors: Picklescan

Products: Picklescan

Weakness (CWE)

  • CWE-183

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Sources: NVD · CVE.org · EPSS