picklescan vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-4R9R-CH6F-VXMXMediumpicklescan: Picklescan missing detection when calling pytorch function…CVE-2025-71325Highpicklescan: Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypassGHSA-V7X6-RV5Q-MHWCMediumpicklescan: Picklescan missing detection when calling built-in python library function timeit.timeit()GHSA-FJ43-3QMQ-673FMediumpicklescan: Picklescan failed to detect to some unsafe global function in Numpy libraryCVE-2025-46417Highpicklescan: Picklescan Vulnerable to Exfiltration via DNS via linecache and ssl.get_server_certificateCVE-2025-1944Mediumpicklescan: Zip Exploit Crashes Picklescan But Not PyTorch CVE-2025-1945Mediumpicklescan: Zip Flag Bit Exploit Crashes Picklescan But Not PyTorchCVE-2025-1716Mediumpicklescan: Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static AnalysisCVE-2025-1889Mediumpicklescan: PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions

Stop the waste.
Protect your environment with Kodem.