CVE-2025-71365 - picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.myeval Detection Bypass
CVE ID :CVE-2025-71365
Published : June 23, 2026, 12:12 p.m. | 1 hour, 28 minutes ago
Description :picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 23, 2026, 12:12 p.m. | 1 hour, 28 minutes ago
Description :picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...