CVE-2025-71342: picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. A
Summary
picklescan (a tool for detecting malicious code in pickle files, which are Python serialized objects) before version 0.0.30 has a vulnerability that allows attackers to hide malicious code in pickle files using a specific method (idlelib.run.Executive.runcode in reduce methods). When these files are loaded using pickle.load, the hidden code executes automatically, enabling RCE (remote code execution) and potential supply chain attacks on systems using PyTorch models.
Vulnerability Details
8.1(high)
EPSS: 0.0%
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
network
low
none
required
July 3, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-71342
First tracked: July 4, 2026 at 02:02 AM
Classified by LLM (prompt v3) · confidence: 92%