CVE-2025-71372 HIGH

CVE-2025-71372: Picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef Gadget

Vendor Picklescan
Product Picklescan
Weakness CWE-502 · Unsafe deserialization
Published July 4, 2026
Last update July 4, 2026

CVSS base score

7.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling supply-chain poisoning of shared model files.

Key dates

02Disclosure timeline

July 4, 2026 CVE published

Related vulnerabilities

04Related CVE