Home

Description

picklescan before 0.0.33 fails to detect unsafe deserialization when numpy.f2py.crackfortran functions call eval on arbitrary strings. Attackers can embed malicious code in pickle files that executes when loaded from untrusted sources.

PUBLISHED Reserved 2026-06-20 | Published 2026-07-04 | Updated 2026-07-06 | Assigner VulnCheck




HIGH: 7.6CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
HIGH: 8.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Problem types

Deserialization of Untrusted Data

Product status

Default status
unaffected

Any version before 0.0.33
affected

0.0.33 (semver)
unaffected

References

github.com/...lescan/security/advisories/GHSA-r8g5-cgf2-4m4m exploit

github.com/...lescan/security/advisories/GHSA-r8g5-cgf2-4m4m (GitHub Security Advisory (GHSA-r8g5-cgf2-4m4m)) vendor-advisory

www.vulncheck.com/...erialization-in-numpy-f2py-crackfortran (VulnCheck Advisory: picklescan - Arbitrary Code Execution via Unsafe Deserialization in numpy.f2py.crackfortran) third-party-advisory

cve.org (CVE-2025-71362)

nvd.nist.gov (CVE-2025-71362)

Download JSON