B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (3.1)

CVE-2025-71320 - picklescan - Remote Code Execution via Incomplete Disallowed Inputs

CVE ID :CVE-2025-71320 Published : June 17, 2026, 3:04 p.m. | 2 hours, 4 minutes ago Description :picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can...

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

2026-06-17 Kritisch

27-Year-Old OpenBSD Vulnerability Allows Attackers to Bypass PAP Authentication Entirely

2026-06-17 Kritisch

USN-8442-1: kitty vulnerabilities

2026-06-17 Gering

U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog

2026-06-17 Mittel

CVE-2026-53874 - picklescan - Arbitrary Code Execution via Obfuscated eval Call

2026-06-17 Mittel

CVE-2026-53872 - picklescan - Arbitrary File Read via Unsafe Pickle Deserialization

2026-06-17 Mittel