Description
picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load().
Published: 2026-06-21
Score: 7.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows an attacker to embed a cProfile.runctx function call in the reduce method of a pickle file, which picklescan fails to detect. When such a malicious pickle is loaded via pickle.load(), arbitrary code execution occurs with the privileges of the process running the load. This flaw is classified as an unsafe serialization issue (CWE-502) and can lead to full compromise of the host system.

Affected Systems

Picklescan is affected in all releases prior to 0.0.30. Any deployment that uses picklescan to load pickle files that may originate from untrusted sources is at risk. The issue is not limited to a specific operating system but applies wherever picklescan is installed.

Risk and Exploitability

The vulnerability carries a CVSS score of 7.6, indicating a high severity. No EPSS score is available, and the flaw is not listed in the CISA KEV catalog. Exploitation requires an attacker to supply or trick an application into loading a crafted pickle file containing the cProfile.runctx call. If the application processes untrusted pickle inputs, the attacker can gain arbitrary code execution on that system. The attack vector is inferred to be an adversary-controlled file or data stream.

Generated by OpenCVE AI on June 21, 2026 at 16:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade picklescan to version 0.0.30 or later, which includes detection of cProfile.runctx calls.
  • Restrict pickle loading to data from trusted, authenticated sources or implement whitelist checks before calling pickle.load().
  • When possible, replace pickle serialization with safer alternatives such as JSON or protocol buffer formats, or use secure deserialization libraries that validate payload structure.

Generated by OpenCVE AI on June 21, 2026 at 16:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 21 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Picklescan
Picklescan picklescan
Vendors & Products Picklescan
Picklescan picklescan

Sun, 21 Jun 2026 15:00:00 +0000

Type Values Removed Values Added
Description picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load().
Title picklescan - Remote Code Execution via Undetected cProfile.runctx in Pickle Files
First Time appeared Mmaitre314
Mmaitre314 picklescan
Weaknesses CWE-502
CPEs cpe:2.3:a:mmaitre314:picklescan:*:*:*:*:*:*:*:*
Vendors & Products Mmaitre314
Mmaitre314 picklescan
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}

cvssV4_0

{'score': 7.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Mmaitre314 Picklescan
Picklescan Picklescan
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-21T13:26:50.106Z

Reserved: 2026-06-20T13:11:44.728Z

Link: CVE-2025-71378

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-21T19:15:04Z

Weaknesses
  • CWE-502

    Deserialization of Untrusted Data