CVE-2025-71355 HIGH

CVE-2025-71355: Picklescan - Arbitrary Code Execution via Unsafe Numpy Function Detection Bypass

Vendor Picklescan
Product Picklescan
Weakness CWE-184
Published June 30, 2026
Last update July 1, 2026

CVSS base score

7.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing._private.utils.runstring within the reduce method to import dangerous libraries like os and execute arbitrary OS commands when the pickle file is loaded.

Key dates

02Disclosure timeline

June 30, 2026 CVE published
July 1, 2026 Record updated