Loading market data...
← Back to CVE feed

CVE-2025-71357

HIGH CVSS 8.1 View on NVD ↗

Description

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Published: Jun 21, 2026 14:16 UTC Modified: Jun 21, 2026 14:16 UTC