CVE-2025-71372
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk30th percentile — higher than 30% of all known CVEs
Summary
Picklescan before version 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks.
Risk Assessment
The risk involves potential supply-chain poisoning of shared model files, leading to system compromise and data theft.
Recommendation
Immediately update Picklescan to version 0.0.33 or later and avoid loading pickle files from untrusted sources.
Original NVD description (English source)
Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling supply-chain poisoning of shared model files.

