Home

Description

picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.debugobj.ObjectTreeItem.SetText function in reduce methods. Attackers can craft pickle files with embedded code that bypasses picklescan detection and executes arbitrary commands when pickle.load() is called.

PUBLISHED Reserved 2026-06-20 | Published 2026-06-24 | Updated 2026-06-24 | Assigner VulnCheck




HIGH: 7.6CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
HIGH: 8.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Problem types

Deserialization of Untrusted Data

Product status

Default status
unaffected

Any version before 0.0.29
affected

0.0.29 (semver)
unaffected

Credits

FredericDT reporter

References

github.com/...lescan/security/advisories/GHSA-3vg9-h568-4w9m exploit

github.com/...lescan/security/advisories/GHSA-3vg9-h568-4w9m (GitHub Security Advisory (GHSA-3vg9-h568-4w9m)) vendor-advisory

www.vulncheck.com/...idlelib-debugobj-objecttreeitem-settext (VulnCheck Advisory: picklescan - Remote Code Execution via idlelib.debugobj.ObjectTreeItem.SetText) third-party-advisory

cve.org (CVE-2025-71354)

nvd.nist.gov (CVE-2025-71354)

Download JSON