CVE-2026-53875
Received - Intake
BaseFortify

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: VulnCheck

Description
picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the __reduce__ trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while remaining executable, enabling arbitrary code execution when loaded with torch.load().
Meta Information
Published: 2026-06-17
Last Modified: 2026-06-17
Generated: 2026-06-17
AI Q&A: 2026-06-17
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
picklescan | picklescan | to 1.0.3 (exc)
mmaitre314 | picklescan | to 1.0.3 (exc)
CWE ID | Description
CWE-95 | The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Executive Summary

CVE-2026-53875 is a high-severity vulnerability in the picklescan library, specifically in the scan_pytorch function before version 1.0.3. It allows attackers to bypass the scanning process by embedding malicious magic numbers through a dynamic eval technique using the __reduce__ method. This trick enables attackers to craft malicious PyTorch payloads that evade picklescan's detection mechanisms while remaining executable.

When such a payload is loaded with torch.load(), it runs attacker-supplied code, resulting in arbitrary code execution (ACE) or remote code execution (RCE).

Impact Analysis

The impact is serious: a malicious PyTorch payload that a vulnerable version of picklescan reports as clean will execute arbitrary code on the system that loads it. Because the attack requires no privileges or user interaction and has low complexity, it poses a significant security risk.

  • Attackers can bypass security scans designed to detect malicious pickle files.
  • Malicious payloads can execute arbitrary code, potentially compromising system integrity and confidentiality.
  • This can lead to remote code execution, allowing attackers to control affected systems.

Detection Guidance

This vulnerability involves malicious PyTorch payloads crafted to evade detection by picklescan's scan_pytorch function. Detection requires analyzing pickle files for suspicious dynamic eval usage in the __reduce__ method that embeds malicious magic numbers.

Since picklescan versions prior to 1.0.3 are vulnerable, a clean result from an older version is not conclusive. One detection method is to run picklescan 1.0.3 or later on PyTorch pickle files and check whether any suspicious payloads previously bypassed the scan.

Suggested commands include:

  • Use picklescan to scan PyTorch pickle files: `picklescan --path <file>`
  • Manually inspect pickle files for dynamic eval usage in the __reduce__ method by extracting and analyzing pickle contents.
  • Monitor for unexpected file creations or executions triggered by loading PyTorch pickle files with torch.load().
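
A static check for the manual-inspection step above, added here as an example; it is not picklescan's code or part of the advisory. It decodes opcodes with pickletools (nothing is unpickled) across every pickle in a checkpoint; the watch list, function names and sample bytes are assumptions constructed for illustration.

```python
import io
import pickletools
import sys
import zipfile

# Assumed, non-exhaustive watch list of callables that evaluate or run code.
DYNAMIC_EXEC = {("builtins", "eval"), ("builtins", "exec"),
                ("builtins", "compile"), ("builtins", "__import__"),
                ("__builtin__", "eval"), ("__builtin__", "exec")}

# Constructed sample, never unpickled: an integer pickle, then eval("1+1").
SAMPLE = b"I42\n." + b"cbuiltins\neval\n(V1+1\ntR."

def pickle_streams(blob):
    """Yield (name, bytes) per stream: zip members ending in .pkl, or the raw file."""
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for name in zf.namelist():
                if name.endswith(".pkl"):
                    yield name, zf.read(name)
    else:
        yield "<raw>", blob

def imports_in(data):
    """List (module, name) imports from every pickle concatenated in data.
    Heuristic: STACK_GLOBAL names fetched from the memo stay unresolved."""
    found, stream = [], io.BytesIO(data)
    while stream.tell() < len(data):
        strings = []  # string pushes seen so far, used to resolve STACK_GLOBAL
        try:
            for op, arg, _pos in pickletools.genops(stream):  # decode only
                if op.name in ("GLOBAL", "INST"):
                    found.append(tuple(arg.split(" ", 1)))
                elif op.name == "STACK_GLOBAL":
                    found.append(tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?"))
                elif isinstance(arg, str):
                    strings.append(arg)
        except Exception:
            break  # remaining bytes are not a pickle (for example tensor storage)
    return found

def flag_dynamic_eval(blob):
    """Return sorted 'stream: module.name' strings for watch-listed imports."""
    return sorted({f"{where}: {mod}.{name}"
                   for where, data in pickle_streams(blob)
                   for mod, name in imports_in(data)
                   if (mod, name) in DYNAMIC_EXEC})

if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print("\n".join(flag_dynamic_eval(blob)) or "no watch-listed imports found")
```

An empty result only means no watch-listed import was found; it does not show that a file is safe to pass to torch.load().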

Mitigation Strategies

The primary mitigation step is to upgrade picklescan to version 1.0.3 or later, where this vulnerability has been patched.

Additionally, avoid loading untrusted PyTorch pickle files with torch.load() as they may contain malicious payloads exploiting this vulnerability.

Implement monitoring and alerting for suspicious activity related to pickle file loading and execution.

Compliance Impact

CVE-2026-53875 enables arbitrary code execution through crafted PyTorch payloads that bypass picklescan detection. This vulnerability could lead to unauthorized access or manipulation of sensitive data if exploited in environments handling personal or protected health information.

Such unauthorized code execution risks violating data protection regulations like GDPR and HIPAA, which require safeguarding data confidentiality, integrity, and availability. Exploitation could result in data breaches or unauthorized data processing, thereby impacting compliance with these standards.
