Home

Description

picklescan before 0.0.25 fails to detect malicious pickle files that use timeit.timeit() in the __reduce__ method, allowing remote code execution. Attackers can craft pickle files that import dangerous libraries like os and execute arbitrary system commands, which evade picklescan detection and execute when pickle.load() is called.

PUBLISHED Reserved 2026-06-20 | Published 2026-06-21 | Updated 2026-06-22 | Assigner VulnCheck




HIGH: 7.6CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

Incomplete List of Disallowed Inputs

Product status

Default status
unaffected

Any version before 0.0.25
affected

0.0.25 (semver)
unaffected

Credits

SeaW1nd reporter

References

github.com/...lescan/security/advisories/GHSA-v7x6-rv5q-mhwc exploit

github.com/...lescan/security/advisories/GHSA-v7x6-rv5q-mhwc (GHSA Advisory GHSA-v7x6-rv5q-mhwc) vendor-advisory

www.vulncheck.com/...tion-via-timeit-timeit-detection-bypass (VulnCheck Advisory: picklescan - Remote Code Execution via timeit.timeit() Detection Bypass) third-party-advisory

cve.org (CVE-2025-71351)

nvd.nist.gov (CVE-2025-71351)

Download JSON