CVE-2025-71364
Received - Intake

Picklescan Unpickling Flaw Enables Remote Code Execution

Publication date: 2026-07-04

Last updated on: 2026-07-04

Assigner: VulnCheck

Description

picklescan before 0.0.30 fails to detect the asyncio.unix_events._UnixSubprocessTransport._start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when loaded.

Meta Information

Published: 2026-07-04
Last Modified: 2026-07-04
Generated: 2026-07-04
AI Q&A: 2026-07-04
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 2 associated CPEs
Vendor      Product     Version / Range
mmaitre314  picklescan  to 0.0.29 (inc)
mmaitre314  picklescan  0.0.30

Exploitability

CWE ID: CWE-502
Description: The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Executive Summary

CVE-2025-71364 is a vulnerability in the picklescan library versions before 0.0.30 where the library fails to detect the use of the built-in Python function asyncio.unix_events._UnixSubprocessTransport._start in pickle reduce methods.

An attacker can craft malicious pickle files embedding this function that evade detection by picklescan but execute arbitrary commands when the pickle file is loaded, leading to remote code execution.

Impact Analysis

This vulnerability can have significant impact on individuals or organizations relying on picklescan to detect malicious pickle files.

  • Attackers can embed undetected malicious code in pickle files distributed across machine learning models, APIs, or saved Python objects.
  • Loading such malicious pickle files can lead to remote code execution on the victim's system.
  • This can result in supply chain attacks or unauthorized control over affected systems.

Detection Guidance

This vulnerability involves malicious pickle files that embed the asyncio.unix_events._UnixSubprocessTransport._start function in their reduce methods, which picklescan versions before 0.0.30 fail to detect.

To determine whether you are exposed, check the installed picklescan version: releases older than 0.0.30 do not detect this function.

You can run the following command to check the installed picklescan version:

  • pip show picklescan

To scan pickle files for malicious content, use picklescan on suspicious pickle files. However, note that versions before 0.0.30 may not detect this specific malicious function.

  • picklescan suspicious_file.pkl

Monitoring network traffic for unexpected or suspicious pickle file transfers, especially from untrusted sources, can also help detect potential exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade picklescan to version 0.0.30 or later, where the detection of the malicious asyncio.unix_events._UnixSubprocessTransport._start function has been fixed.

Avoid loading pickle files from untrusted or unauthenticated sources, as these can contain malicious code that executes upon deserialization.

Implement strict validation and scanning of pickle files before loading them, using the updated picklescan tool.

Consider additional security controls such as running unpickling operations in isolated or sandboxed environments to limit potential damage from malicious code execution.
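
As a second check independent of the scanner version, the sketch below lists the globals a pickle references by walking its opcodes with the standard-library pickletools module, without ever loading the file. It is an added example, not picklescan's code; the one-entry denylist, the function names and the sample byte strings are assumptions made for illustration.

```python
import pickle
import pickletools

# Assumption: a one-entry denylist built from the function named in this CVE.
# A production check needs a much broader list, or better, an allowlist.
DENIED = {("asyncio.unix_events", "_UnixSubprocessTransport._start")}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
UNRESOLVED = ("<unresolved>", "<unresolved>")

def referenced_globals(data: bytes) -> set:
    """Return the (module, name) pairs a pickle imports; the pickle is never loaded."""
    found, recent = set(), []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):
            # pickletools reports these as "module name" joined by one space
            module, _, name = arg.partition(" ")
            found.add((module, name))
        elif op.name == "STACK_GLOBAL":
            # module and name are the two strings pushed just before this opcode
            pair = recent[-2:]
            if len(pair) == 2 and all(n in STRING_OPS for n, _ in pair):
                found.add((pair[0][1], pair[1][1]))
            else:
                found.add(UNRESOLVED)  # fail closed when operands are indirect
        if op.name != "MEMOIZE":
            recent.append((op.name, arg))
    return found

def is_suspicious(data: bytes) -> bool:
    """True if the pickle names a denied global or one that cannot be resolved."""
    refs = referenced_globals(data)
    return bool(refs & DENIED) or UNRESOLVED in refs

def short_str(s: str) -> bytes:
    """Encode a SHORT_BINUNICODE push (strings under 256 bytes)."""
    return b"\x8c" + bytes([len(s)]) + s.encode()

MOD, NAME = "asyncio.unix_events", "_UnixSubprocessTransport._start"
# Constructed, inert samples: they only name the global (no REDUCE, no arguments).
SAMPLE_GLOBAL = b"\x80\x02c" + f"{MOD}\n{NAME}\n".encode() + b"."
SAMPLE_STACK_GLOBAL = b"\x80\x04" + short_str(MOD) + short_str(NAME) + b"\x93."
SAMPLE_BENIGN = pickle.dumps({"weights": [0.1, 0.2]}, protocol=4)

if __name__ == "__main__":
    for label, blob in [("GLOBAL", SAMPLE_GLOBAL),
                        ("STACK_GLOBAL", SAMPLE_STACK_GLOBAL),
                        ("benign", SAMPLE_BENIGN)]:
        print(label, is_suspicious(blob), sorted(referenced_globals(blob)))
```

pickletools.genops raises ValueError on truncated or malformed streams; treat that as a rejection rather than a pass.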

Compliance Impact

The CVE-2025-71364 vulnerability allows remote code execution via malicious pickle files that evade detection by the picklescan library. This can lead to unauthorized execution of arbitrary commands, potentially resulting in data breaches or unauthorized access to sensitive information.

Such unauthorized access or data breaches can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and processing.

Organizations relying on picklescan to detect malicious pickle files may be at risk of supply chain attacks or data compromise if they use vulnerable versions, thereby increasing their compliance risk.
