Description
picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files embedding doctest.debug_script calls that bypass picklescan detection and execute arbitrary commands upon pickle.load invocation.
Published: 2026-06-30
Score: 7.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

picklescan versions prior to 0.0.30 do not detect the doctest.debug_script function when analyzing pickle files, which permits attackers to embed a reference to this function within a malicious pickle. When a user processes the crafted pickle with pickle.load, the doctest.debug_script call executes arbitrary code in the current process. The flaw is a deserialization-of-untrusted-data vulnerability (CWE-502) that could lead to complete compromise of the host that runs the scan or loads the pickle.

Affected Systems

The vulnerability affects the "picklescan" tool distributed by mmaitre314. Any installation of picklescan older than version 0.0.30 is potentially exploitable. No other versions or related products are listed as affected.

Risk and Exploitability

The CVSS score of 7.6 indicates a high-severity vulnerability with confidentiality, integrity, and availability impacts. The EPSS score is not available, and the lack of a KEV listing does not preclude exploitation. The likely attack vector is remote: an attacker can deliver a malicious pickle file over the network, as an email attachment, or through any other file transfer mechanism, and the victim executes code when the file is scanned or loaded. The vulnerability does not require user interaction beyond running picklescan against a malicious file, which makes it convenient for threat actors to automate.

Generated by OpenCVE AI on June 30, 2026 at 23:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade picklescan to 0.0.30 or newer, which includes detection of doctest.debug_script calls.
  • If an upgrade cannot be performed immediately, avoid scanning or loading untrusted pickle files with picklescan, and restrict file access to trusted sources only.
  • Consider using safer serialization formats such as JSON for configuration data, or use custom deserialization checks that prevent execution of arbitrary code.
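As an added example (this is not picklescan's code and not part of this advisory), the following Python shows the two controls that the Impact paragraph and the last recommendation point at: a static scan of the pickle opcode stream that flags a reference to doctest.debug_script, the callable picklescan before 0.0.30 did not report, and an allow-list Unpickler that refuses to resolve any global not explicitly permitted. The allow-list, the dangerous-global list and both sample pickles are constructed for this example; the malicious sample only pushes a reference to doctest.debug_script and never calls it.

```python
from __future__ import annotations

import io
import pickle
import pickletools
from collections import OrderedDict

# Allow-list of globals an untrusted pickle may resolve (constructed for this
# example; a real deployment lists exactly the types its data needs, nothing else).
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
}

# Callables that execute code when the unpickler REDUCEs them. doctest.debug_script
# is the one picklescan < 0.0.30 did not flag; the others are well-known examples.
DANGEROUS_GLOBALS = {
    ("doctest", "debug_script"),
    ("os", "system"),
    ("subprocess", "Popen"),
    ("builtins", "eval"),
    ("builtins", "exec"),
}

# Opcodes that push a string constant; STACK_GLOBAL consumes the last two of them.
STRING_OPCODES = {
    "STRING", "BINSTRING", "SHORT_BINSTRING",
    "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8",
}


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Static scan: walk the opcode stream without executing it and collect every
    global reference. GLOBAL carries "module name" in its argument; STACK_GLOBAL
    takes module and name from the two string constants pushed before it.
    Caveat: strings fetched back from the memo (BINGET) are not resolved here, so
    this scan is a detector, not the enforcing control; the unpickler below is."""
    found: list[tuple[str, str]] = []
    strings: list[str] = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            if len(strings) >= 2:
                found.append((strings[-2], strings[-1]))
            else:
                found.append(("<unresolved>", "<unresolved>"))
        elif op.name in STRING_OPCODES:
            strings.append(arg)
    return found


def scan(data: bytes) -> list[tuple[str, str]]:
    """Return the dangerous globals a pickle references; an empty list means clean."""
    return [g for g in referenced_globals(data) if g in DANGEROUS_GLOBALS]


class RestrictedUnpickler(pickle.Unpickler):
    """Runtime control: refuse to resolve any global that is not allow-listed, so a
    reference the static scan missed is rejected before it could ever be called."""

    def find_class(self, module: str, name: str):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allow-listed")


def load_or_reject(data: bytes):
    """Load with the restricted unpickler; return ("ok", obj) or ("rejected", reason)."""
    try:
        return ("ok", RestrictedUnpickler(io.BytesIO(data)).load())
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


# Constructed samples. BENIGN references only an allow-listed global.
BENIGN = pickle.dumps(OrderedDict(weights=[1, 2, 3]), protocol=4)

# Hand-written protocol-2 stream: PROTO 2, GLOBAL doctest.debug_script, BINPUT 0,
# STOP. It pushes a reference to the function and stops; there is no REDUCE, so a
# plain pickle.loads would merely return the function object, not call it.
MALICIOUS = b"\x80\x02cdoctest\ndebug_script\nq\x00."


if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("malicious", MALICIOUS)):
        print(label, "scan:", scan(blob), "load:", load_or_reject(blob)[0])
```

The scan is the cheap first pass (it never imports or calls anything), while the allow-list unpickler is the control that actually holds: a deny-list scanner, picklescan included, only catches the names it knows about, which is exactly the gap this CVE describes.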

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 22:45:00 +0000

Type | Values Removed | Values Added
Description | (none) | picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files embedding doctest.debug_script calls that bypass picklescan detection and execute arbitrary commands upon pickle.load invocation.
Title | (none) | picklescan - Arbitrary Code Execution via Undetected doctest.debug_script
First Time appeared | (none) | Mmaitre314; Mmaitre314 picklescan
Weaknesses | (none) | CWE-502
CPEs | (none) | cpe:2.3:a:mmaitre314:picklescan:*:*:*:*:*:*:*:*
Vendors & Products | (none) | Mmaitre314; Mmaitre314 picklescan
References | (none) | (none)
Metrics | (none) | cvssV3_1 {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}; cvssV4_0 {'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-30T22:08:19.476Z

Reserved: 2026-06-20T13:01:42.505Z

Link: CVE-2025-71368

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T23:30:04Z

Weaknesses
  • CWE-502

    Deserialization of Untrusted Data