Description
Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded by victims who trust Picklescan's safety validation.
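The weakness described above is a blocklist miss: Picklescan keyed its verdict on a list of known-dangerous globals, and a gadget absent from that list passed as "safe". The defensive pattern a loader should use instead is deny-by-default. The following added example (not Picklescan's code, nor taken from this record) shows both halves: an opcode-level scan with `pickletools.genops` that lists every global a pickle stream references and flags anything outside an allowlist, and an `Unpickler.find_class` override that refuses to resolve non-allowlisted globals at load time. `SAFE_GLOBALS`, `referenced_globals`, `unsafe_globals`, `AllowlistUnpickler`, `safe_loads` and `rejected_by_loader` are names chosen here; the sample pickles are constructed in the block from harmless standard-library objects.

```python
import io
import json
import pickle
import pickletools
from collections import OrderedDict

# Deny-by-default: the only (module, name) pairs this loader will ever resolve.
# A real application lists exactly the classes its own data format needs.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
}

# Opcodes that push a string constant; STACK_GLOBAL (protocol 4) takes its
# module and name from the two most recently pushed strings.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}


def referenced_globals(data: bytes):
    """Return every (module, name) global the pickle stream imports, in order.

    The stream is never executed; only its opcodes are walked. Strings are
    tracked through the memo so a module name re-used via BINGET is resolved.
    """
    found = []
    recent = []        # string constants in push order (only strings tracked)
    memo = {}          # memo slot -> string constant (None for non-strings)
    prev_string = None
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            recent.append(arg)
            prev_string = arg
            continue
        if op.name == "MEMOIZE":
            memo[len(memo)] = prev_string      # protocol 4 numbers slots implicitly
        elif op.name in PUT_OPS:
            memo[arg] = prev_string
        elif op.name in GET_OPS:
            value = memo.get(arg)
            if value is not None:
                recent.append(value)
        elif op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)  # pickletools renders "module name"
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            name = recent.pop() if recent else None
            module = recent.pop() if recent else None
            found.append((module, name))
        prev_string = None
    return found


def unsafe_globals(data: bytes, allowlist=frozenset(SAFE_GLOBALS)):
    """Globals the stream references that are not explicitly allowed."""
    return [g for g in referenced_globals(data) if g not in allowlist]


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside SAFE_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) not in SAFE_GLOBALS:
            raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")
        return super().find_class(module, name)


def safe_loads(data: bytes):
    return AllowlistUnpickler(io.BytesIO(data)).load()


def rejected_by_loader(data: bytes) -> bool:
    """True if the allowlisting loader refuses the stream."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample inputs (harmless objects; no gadget is built here).
BENIGN = pickle.dumps({"weights": [1, 2, 3]}, protocol=4)          # no globals at all
ORDERED = pickle.dumps(OrderedDict(a=1), protocol=4)               # one allowlisted global
REFERENCE_P4 = pickle.dumps(json.dumps, protocol=4)                # STACK_GLOBAL path
REFERENCE_P2 = pickle.dumps(json.dumps, protocol=2)                # GLOBAL path
TWO_REFS = pickle.dumps((json.dumps, json.loads), protocol=4)      # module name via BINGET

if __name__ == "__main__":
    for label, blob in [("benign", BENIGN), ("ordered", ORDERED),
                        ("ref-p4", REFERENCE_P4), ("ref-p2", REFERENCE_P2),
                        ("two-refs", TWO_REFS)]:
        print(f"{label:9} globals={referenced_globals(blob)} "
              f"flagged={unsafe_globals(blob)} rejected={rejected_by_loader(blob)}")
```

The scan and the loader agree by construction because both consult the same allowlist; the difference is that the scan runs without executing anything, so it can be applied to a file before it is ever handed to `pickle`. Neither check depends on knowing which gadget an attacker chose, which is the property a blocklist cannot offer.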
Severity (CVSS)
| Base score | 7.6 |
|---|---|
| Severity | High |
| Version | CVSS 4.0 |
| Vector | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
| Provided by | CNA |
Weaknesses
- CWE-502 — Deserialization of Untrusted Data
Affected products
| Vendor | Product | Versions |
|---|---|---|
| Picklescan | Picklescan | 0 to <0.0.33; 0.0.33 |
References
Generated from the official CVE List on 23 Jun 2026 10:05 UTC.