icon

We found results for “

CVE-2025-10155

Good to know:

icon
icon

Date: September 17, 2025

An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file incorrectly considered safe is loaded, it can lead to the execution of malicious code.

Severity Score

Severity Score

Weakness Type (CWE)

Improper Input Validation

CWE-20

Protection Mechanism Failure

CWE-693

Top Fix

icon

Upgrade Version

Upgrade to version picklescan - 0.0.31

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us