Picklescan versions older than 0.0.29 allow an attacker to create a malicious pickle file that contains code which is executed when pickle.load() is called. The vulnerability arises because the application fails to detect malicious pickle files that exploit the idlelib.debugobj.ObjectTreeItem.SetText function within reduce methods. Successful exploitation grants the attacker the ability to run arbitrary commands on the system hosting picklescan, compromising confidentiality, integrity, and availability. The weakness is a flaw in insecure deserialization, identified as CWE-502.

All deployments of picklescan before version 0.0.29 are affected. The specific product is picklescan, produced by mmaitre314. No variant or platform information is provided beyond the generic product listing.

The CVSS score of 7.6 indicates a high severity impact, and the absence of an EPSS score suggests that exploitation is not currently reported but could be plausible depending on attacker's resources. The vulnerability is not listed in the CISA KEV catalog, indicating that no known exploits have been seen in the wild, yet the potential for arbitrary code execution remains significant. Attackers would need to deliver a crafted pickle file to an environment running an affected version of picklescan; once the file is processed with pickle.load(), the embedded code will execute with the privileges of the picklescan process.