B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News

CVE-2025-71363 - picklescan - Arbitrary Code Execution via Undetected cProfile.run in Pickle Deserialization

CVE ID :CVE-2025-71363 Published : June 30, 2026, 10:08 p.m. | 1 hour, 4 minutes ago Description :picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files with...

Original-Artikel öffnen Zurück zur Übersicht