Remote Code Execution Risk in Picklescan by MMAITRE314
CVE-2025-71373
7.6 HIGH
What is CVE-2025-71373?
Picklescan versions prior to 0.0.33 contain a vulnerability that lets remote attackers abuse the operator.methodcaller function inside pickle files. An attacker can craft a pickle payload that evades detection during Picklescan's security checks. When such a payload is processed, it can execute arbitrary code on affected systems that rely on Picklescan for validation, potentially leading to unauthorized access and system compromise.
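As a defensive illustration of the check involved, the sketch below lists the globals a pickle imports by reading its opcodes with the standard-library pickletools module, never unpickling it, and flags operator.methodcaller. It is an example added here, not Picklescan's own code; the FLAGGED set, the function names and the sample byte strings are assumptions constructed for the example.

```python
import pickletools

# Assumption for this example: flag only the callable named in the advisory.
FLAGGED = {("operator", "methodcaller")}
UNRESOLVED = ("?", "?")  # STACK_GLOBAL whose operands could not be read statically

STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "SHORT_BINSTRING", "BINSTRING", "STRING"}
MEMO_OPS = {"MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"}


def imported_globals(data: bytes) -> list:
    """List (module, name) pairs a pickle imports, without unpickling it."""
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name in STRING_OPS:
            strings.append(arg)          # candidate STACK_GLOBAL operand
            continue
        if opcode.name in MEMO_OPS:
            continue                     # does not change the top of the stack
        if opcode.name in ("GLOBAL", "INST"):
            module, _, name = arg.partition(" ")
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            # Protocol 4+: module and name are the two strings pushed just before.
            found.append(tuple(strings[-2:]) if len(strings) >= 2 else UNRESOLVED)
        strings = []                     # any other opcode breaks the string run
    return found


def scan(data: bytes) -> list:
    """Return the references that should block loading (fail closed)."""
    return [ref for ref in imported_globals(data)
            if ref in FLAGGED or ref == UNRESOLVED]


# Constructed sample inputs: each only references a name, none calls anything.
SAMPLE_P2 = b"\x80\x02coperator\nmethodcaller\n."
SAMPLE_P4 = b"\x80\x04\x8c\x08operator\x94\x8c\x0cmethodcaller\x94\x93\x94."
SAMPLE_OK = b"\x80\x02ccollections\nOrderedDict\n."
SAMPLE_BAD_STACK = b"\x80\x04\x93."

if __name__ == "__main__":
    for label, blob in [("p2", SAMPLE_P2), ("p4", SAMPLE_P4),
                        ("ok", SAMPLE_OK), ("bad-stack", SAMPLE_BAD_STACK)]:
        print(label, scan(blob) or "no flagged imports")
```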
Affected Version(s)
picklescan 0 < 0.0.33
picklescan 0.0.33
