CVE-2025-71376
Published
CVSS v3
8.1
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetch_completions in reduce methods. Attackers can embed undetected code in pickle files that executes arbitrary commands when loaded by victims.
Security scanner detecting Python Pickle files performing suspicious actions
GitHub