CVE Catalog

CVE-2025-71372

HighCVSS 8.1
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

30th percentile — higher than 30% of all known CVEs

Summary

Picklescan before version 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks.

Risk Assessment

The risk involves potential supply-chain poisoning of shared model files, leading to system compromise and data theft.

Recommendation

Immediately update Picklescan to version 0.0.33 or later and avoid loading pickle files from untrusted sources.

Original NVD description (English source)

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling supply-chain poisoning of shared model files.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS