Description
Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7.
Published: 2026-01-10
Score: 8.9 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary Code Execution
Action: Immediate Patch
AI Analysis

Impact

Fickling, a Python pickling decompiler and static analyzer, contains a builtins blindness flaw that allows an attacker to bypass detection mechanisms. This flaw permits the execution of arbitrary code through improperly deserialized pickles. The vulnerability is classified as CWE-502, which describes deserialization of untrusted data leading to unintended code execution.

Affected Systems

Trail of Bits' Fickling tool is affected, specifically all releases prior to version 0.1.7. Users of any earlier version of Fickling should be aware that the builtins blindness issue could be exploited when processing untrusted pickle data.

Risk and Exploitability

The CVSS score of 8.9 highlights high severity, and the EPSS score of less than 1% indicates a low likelihood of exploitation, yet the flaw remains dangerous because it could lead to code execution when Fickling processes external data. The vulnerability is not listed in the CISA KEV catalog. A likely attack vector is local execution by an attacker who supplies or modifies pickle files that Fickling will analyze.

Generated by OpenCVE AI on April 18, 2026 at 07:15 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Fickling 0.1.7 or later.
  • Restrict Fickling to handle only trusted pickle files.
  • Sanitize the execution environment by running Fickling as a non-privileged user and inside a sandbox.


Advisories
Source: GitHub GHSA
ID: GHSA-h4rm-mm56-xf63
Title: Fickling vulnerable to detection bypass due to "builtins" blindness
History

Fri, 16 Jan 2026 19:00:00 +0000

Values added:
  CPEs: cpe:2.3:a:trailofbits:fickling:*:*:*:*:*:python:*:*
  Metrics (cvssV3_1): {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


Mon, 12 Jan 2026 19:15:00 +0000

Values added:
  Metrics (ssvc): {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 12 Jan 2026 14:45:00 +0000

Values added:
  First Time appeared: Trailofbits; Trailofbits fickling
  Vendors & Products: Trailofbits; Trailofbits fickling

Sat, 10 Jan 2026 01:45:00 +0000

Values added:
  Description: Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7.
  Title: Fickling vulnerable to detection bypass due to "builtins" blindness
  Weaknesses: CWE-502
  References:
  Metrics (cvssV4_0): {'score': 8.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-12T18:18:29.466Z

Reserved: 2026-01-07T21:50:39.534Z

Link: CVE-2026-22612

Vulnrichment

Updated: 2026-01-12T18:18:14.299Z

NVD

Status : Analyzed

Published: 2026-01-10T02:15:50.187

Modified: 2026-01-16T18:56:30.137

Link: CVE-2026-22612

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T07:30:36Z

Weaknesses