Description
picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserialization.
Published: 2026-06-30
Score: 7.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

picklescan prior to 0.0.30 fails to detect calls to cProfile.run embedded within pickle reduce methods, which permits attackers to embed code that is executed during deserialization. This flaw aligns with CWE‑502, enabling arbitrary code execution by manipulating pickle payloads. The outcome is that any system that deserializes untrusted pickle data using picklescan could run attacker‑supplied code without additional privileges.

Affected Systems

The vulnerability affects the picklescan package provided by mmaitre314. Versions earlier than 0.0.30 are susceptible; newer releases contain the fix.

Risk and Exploitability

The CVSS score is 7.6, indicating a high severity. No EPSS data is available, and the flaw is not listed in CISA’s KEV catalog. Attackers can supply crafted pickle files remotely or locally to applications that rely on picklescan for safety checks, bypassing detection and triggering code execution. As the flaw is a direct deserialization issue, systems that deserialize untrusted data are at risk and would benefit from immediate remediation.

Generated by OpenCVE AI on June 30, 2026 at 23:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade picklescan to version 0.0.30 or later by installing the latest package from the official repository or updating the dependency in your project.
  • If an upgrade cannot be performed immediately, reconfigure the environment to prevent the import of the cProfile module during picklescan analysis, such as removing or sandboxing cProfile from the runtime path.
  • Audit all code paths that call picklescan to ensure they only process trusted pickle files or apply additional input validation before deserialization.

Generated by OpenCVE AI on June 30, 2026 at 23:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Description picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with cProfile.run payloads that bypass picklescan detection and achieve code execution upon deserialization.
Title picklescan - Arbitrary Code Execution via Undetected cProfile.run in Pickle Deserialization
First Time appeared Mmaitre314
Mmaitre314 picklescan
Weaknesses CWE-502
CPEs cpe:2.3:a:mmaitre314:picklescan:*:*:*:*:*:*:*:*
Vendors & Products Mmaitre314
Mmaitre314 picklescan
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}

cvssV4_0

{'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


Subscriptions

Mmaitre314 Picklescan
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-30T22:08:18.794Z

Reserved: 2026-06-20T13:01:42.505Z

Link: CVE-2025-71363

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-30T23:30:04Z

Weaknesses
  • CWE-502

    Deserialization of Untrusted Data