picklescan vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

| CVE-ID | Severity | Package summary |
|---|---|---|
| GHSA-G38G-8GR9-H9XP | Critical | picklescan: PickleScan has multiple stdlib modules with direct RCE not in blocklist |
| CVE-2026-3490 | Critical | picklescan: PickleScan's pkgutil.resolve_name has a universal blocklist bypass |
| CVE-2026-53873 | Critical | picklescan: PickleScan's profile.run blocklist mismatch allows exec() bypass |
| CVE-2026-53875 | High | picklescan: Picklescan (scan_pytorch) Bypass via dynamic eval MAGIC_NUMBER |
| GHSA-M7J5-R2P5-C39R | Medium | picklescan: picklescan vulnerable to arbitrary file create using logging.FileHandler |
| CVE-2026-53874 | High | picklescan: picklescan missing detection by simple obfuscation of a `builtins.eval` call |
| CVE-2026-53872 | High | picklescan: picklescan has Arbitrary file read using `io.FileIO` |
| GHSA-46H3-79WF-XR6C | High | picklescan: Picklescan is vulnerable to RCE via missing detection when calling built-in python… |
| GHSA-955R-X9J8-7RHH | High | picklescan: Picklescan is vulnerable to RCE via missing detection when calling built-in python… |
| CVE-2025-71339 | Medium | picklescan: Picklescan is vulnerable to RCE through missing detection when calling… |
| GHSA-RRXM-2PVV-M66X | High | picklescan: Picklescan is vulnerable to RCE via missing detection when calling… |
| GHSA-CFFC-MXRF-MHH4 | Medium | picklescan: Picklescan is vulnerable to RCE via missing detection when calling… |
| GHSA-3329-GHMP-JMV5 | High | picklescan: Picklescan is vulnerable to RCE through missing detection when calling… |
| GHSA-X843-G5MX-G377 | High | picklescan: Picklescan is vulnerable to RCE through missing detection when calling built-in python… |
| GHSA-R8G5-CGF2-4M4M | High | picklescan: Picklescan missing detection when calling numpy.f2py.crackfortran.getlincoef |
| CVE-2025-71322 | High | picklescan: Picklescan Bypasses Unsafe Globals Check using pty.spawn |
| GHSA-VQMV-47XG-9WPR | High | picklescan: Picklescan missing detection when calling pty.spawn |
| CVE-2025-71320 | High | picklescan: Picklescan has Incomplete List of Disallowed Inputs |
| CVE-2025-71323 | High | picklescan: Picklescan does not block ctypes |
| CVE-2025-71321 | High | picklescan: Picklescan vulnerable to Arbitrary File Writing |
| CVE-2025-10155 | Critical | picklescan: Picklescan Bypass is Possible via File Extension Mismatch |
| CVE-2025-10156 | Critical | picklescan: Picklescan: ZIP archive scan bypass is possible through non-exhaustive Cyclic Redundancy Check |
| CVE-2025-10157 | Critical | picklescan: Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports |
| GHSA-Q77W-MWJJ-7MQX | Medium | picklescan: Picklescan is missing detection when calling built-in python library… |
| GHSA-49GJ-C84Q-6QM9 | Medium | picklescan: Picklescan is missing detection when calling built-in python cProfile.run |
