Home > Vulnerability Database > CVE-2025-10157

Mend.io Vulnerability Database

CVE-2025-10157

Good to know:

Date: September 17, 2025

A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. This is possible because the scanner performs an exact match for module names, allowing malicious payloads to be loaded via submodules of dangerous packages (e.g., 'asyncio.unix_events' instead of 'asyncio'). When the incorrectly considered safe file is loaded after scan, it can lead to the execution of malicious code.

Severity Score

8.8

Related Resources (8)

Url: https://github.com/mmaitre314/picklescan/blob/2a8383cfeb4158567f9770d86597300c9e508d0f/src/picklescan/scanner.py#L309

Url: https://huggingface.co/iluem/linux_pkl/resolve/main/asyncio_asyncio_unix_events___UnixSubprocessTransport__start.pkl

Url: https://github.com/mmaitre314/picklescan

Url: https://github.com/mmaitre314/picklescan/pull/50

Url: https://github.com/mmaitre314/picklescan/commit/28a7b4ef753466572bda3313737116eeb9b4e5c5

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-10157

Url: https://github.com/mmaitre314/picklescan/security/advisories/GHSA-f7qq-56ww-84cr

Url: https://www.mend.io/vulnerability-database/CVE-2025-10157

Severity Score

8.8

Weakness Type (CWE)

Protection Mechanism Failure

CWE-693

Top Fix

Upgrade Version

Upgrade to version picklescan - 0.0.31

Learn More

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-10157

Good to know:

Date: September 17, 2025

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?