Arbitrary Code Execution Vulnerability in Picklescan Affecting Python Models
CVE-2025-71372
7.6 HIGH
What is CVE-2025-71372?
Picklescan does not properly detect the numpy.f2py.crackfortran.getlincoef gadget when it is referenced from a pickle reduce method. An attacker can use this gap to execute arbitrary Python code through a specially crafted malicious pickle file: the file bypasses Picklescan's safety measures and runs the attacker's code when it is loaded. This poses significant risks, such as supply-chain poisoning of shared model files.
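The following added example (not Picklescan's own code and not part of the original advisory) shows a defender-side check of the kind this issue concerns: it walks a pickle's opcodes with `pickletools.genops`, without unpickling, and flags an import of the gadget named above. It goes slightly beyond the advisory by covering both the `GLOBAL` and `STACK_GLOBAL` import forms; the one-entry denylist, the helper names and the sample byte strings are assumptions constructed for illustration.

```python
import collections
import pickle
import pickletools

# Denylist entry named in the advisory; a real scanner carries many more.
UNSAFE_GLOBALS = {("numpy.f2py.crackfortran", "getlincoef")}
UNRESOLVED = "<unresolved>"
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
MEMO_OPS = {"MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"}

def imported_globals(data: bytes):
    """Yield (module, name) for each import opcode without unpickling."""
    recent = []  # operands of preceding opcodes; None if not a string push
    for opcode, arg, _pos in pickletools.genops(data):
        name = opcode.name
        if name in ("GLOBAL", "INST"):
            module, attr = arg.split(" ", 1)
            yield module, attr
        elif name == "STACK_GLOBAL":
            pair = recent[-2:]
            if len(pair) == 2 and all(isinstance(s, str) for s in pair):
                yield pair[0], pair[1]
            else:
                # Operands came from the memo or elsewhere: fail closed.
                yield UNRESOLVED, UNRESOLVED
        if name not in MEMO_OPS:
            recent.append(arg if name in STRING_OPS else None)

def scan(data: bytes):
    """Return the sorted list of flagged (module, name) imports."""
    found = set(imported_globals(data))
    return sorted(g for g in found if g in UNSAFE_GLOBALS or UNRESOLVED in g)

def _short_str(s: str) -> bytes:
    raw = s.encode()
    return b"\x8c" + bytes([len(raw)]) + raw  # SHORT_BINUNICODE opcode

# Constructed samples; they are only parsed, never loaded. The reduce call
# carries an empty argument tuple, so the streams hold no payload.
GADGET_P0 = b"cnumpy.f2py.crackfortran\ngetlincoef\n)R."
GADGET_P4 = (b"\x80\x04" + _short_str("numpy.f2py.crackfortran")
             + _short_str("getlincoef") + b"\x93)R.")
BENIGN = pickle.dumps(collections.OrderedDict())

if __name__ == "__main__":
    for label, blob in [("p0", GADGET_P0), ("p4", GADGET_P4), ("benign", BENIGN)]:
        print(label, scan(blob))
```

A `STACK_GLOBAL` whose operands cannot be resolved from the two preceding string pushes is reported as unresolved and treated as unsafe, so the check does not pass a file simply because it could not read the import.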
Affected Version(s)
Picklescan 0 < 0.0.33
Picklescan 0.0.33
