CVE-2025-71348
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk27th percentile - higher than 27% of all known CVEs
Summary
The vulnerability in picklescan before version 0.0.28 fails to detect malicious pickle files that invoke the torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply chain attacks.
Risk Assessment
The organization is at risk of remote code execution by an attacker who can deliver a malicious pickle file through the supply chain, potentially leading to system compromise or data theft.
Recommendation
Immediately update picklescan to version 0.0.28 or later, which includes fixes to detect this bypass technique. Additionally, implement integrity verification mechanisms for pickle files before loading them.
Original NVD description (English source)
picklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. Attackers can craft pickle files embedding arbitrary code that evades detection but executes during pickle.load, enabling remote code execution in supply chain attacks.

