Description

picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.

Severity (CVSS)

Base score7.6
SeverityHigh
VersionCVSS 4.0
VectorCVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Provided byCNA

Weaknesses

  • CWE-502 — Deserialization of Untrusted Data

Affected products

VendorProductVersions
picklescanpicklescan0 to <0.0.28; 0.0.28

References

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 01 Jul 2026 07:05 UTC.