picklescan Vulnerabilities


AI Threat Alert tracks 91 known vulnerabilities in picklescan, 12 of them rated critical. picklescan is an AI/ML package in the pip ecosystem, categorized as AI security. Each CVE includes CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis.

Risk Score: 53
Total CVEs: 91
Critical: 12
Ecosystem: pip
Last CVE: Jul 4, 2026
Patch Rate: 63%
Avg Time to Patch: 12d
GitHub: 414 stars, 48 forks, 6 issues, 3 dependents. Last push: May 14, 2026.

Known Vulnerabilities (91 total, page 1 of 4)

| Severity | CVE ID | Summary | CVSS | Published |
|---|---|---|---|---|
| HIGH | CVE-2025-71375 | picklescan: detection bypass enables pickle RCE | 8.1 | Jul 4, 2026 |
| HIGH | CVE-2025-71374 | picklescan: scanner bypass enables pickle RCE | 8.1 | Jun 30, 2026 |
| HIGH | CVE-2025-71371 | picklescan: malicious pickle bypasses RCE scan | 8.1 | Jun 30, 2026 |
| HIGH | CVE-2025-71368 | picklescan: scan bypass lets malicious pickles hit RCE | 8.1 | Jun 30, 2026 |
| HIGH | CVE-2025-71363 | picklescan: scanner bypass enables pickle RCE | 8.1 | Jun 30, 2026 |
| UNKNOWN | CVE-2025-71355 | Picklescan: NumPy gadget bypass enables pickle RCE | -- | Jun 30, 2026 |
| HIGH | CVE-2025-71340 | picklescan: scanner bypass enables RCE via pickle supply chain | 8.1 | Jun 25, 2026 |
| HIGH | CVE-2025-71361 | picklescan: scanner bypass allows RCE via pickle load | 8.1 | Jun 24, 2026 |
| HIGH | CVE-2025-71354 | picklescan: scanner bypass enables arbitrary code execution | 8.1 | Jun 24, 2026 |
| CRITICAL | CVE-2026-56315 | picklescan: stdlib bypass enables arbitrary RCE | 9.8 | Jun 23, 2026 |
| HIGH | CVE-2025-71376 | picklescan: scanner bypass enables undetected RCE | 8.1 | Jun 23, 2026 |
| HIGH | CVE-2025-71370 | picklescan: scanner bypass enables arbitrary code execution | 8.1 | Jun 23, 2026 |
| HIGH | CVE-2025-71365 | picklescan: detection bypass enables RCE via numpy.f2py | 8.1 | Jun 23, 2026 |
| HIGH | CVE-2025-71341 | picklescan: scanner bypass enables undetected RCE via pickle | 8.1 | Jun 23, 2026 |
| HIGH | CVE-2025-71358 | picklescan: scanner bypass enables RCE via pickle | 8.1 | Jun 22, 2026 |
| HIGH | CVE-2025-71344 | picklescan: scanner bypass enables undetected pickle RCE | 8.1 | Jun 22, 2026 |
| HIGH | CVE-2025-71339 | picklescan: scanner bypass enables arbitrary code execution | 8.1 | Jun 22, 2026 |
| HIGH | CVE-2025-71351 | picklescan: scanner bypass enables RCE via pickle files | -- | Jun 21, 2026 |
| HIGH | CVE-2025-71378 | picklescan: detection bypass enables RCE via pickle files | 8.1 | Jun 21, 2026 |
| HIGH | CVE-2025-71357 | picklescan: detection bypass enables RCE via malicious models | 8.1 | Jun 21, 2026 |
| HIGH | CVE-2025-71348 | picklescan: scanner bypass enables supply chain RCE | 8.1 | Jun 21, 2026 |
| MEDIUM | CVE-2026-56304 | picklescan: FileHandler bypass creates filesystem artifacts | 6.5 | Jun 20, 2026 |
| CRITICAL | CVE-2026-53873 | picklescan: blocklist bypass allows arbitrary code exec | 9.8 | Jun 17, 2026 |
| CRITICAL | CVE-2026-53874 | picklescan: scanner bypass enables pickle RCE | 9.8 | Jun 17, 2026 |
| HIGH | CVE-2026-53872 | picklescan: arbitrary file read bypasses RCE blocklist | 7.5 | Jun 17, 2026 |

Showing 1–25 of 91

Frequently asked questions

What is picklescan?

picklescan is an AI/ML package in the AI security category, tracked by AI Threat Alert for security vulnerabilities in the pip ecosystem.

How many known vulnerabilities does picklescan have?

picklescan has 91 known CVEs, 12 of them critical, tracked from NVD and GitHub Advisory.

Which ecosystem is picklescan distributed in?

picklescan is distributed via the pip ecosystem and categorized as AI security.

Where does the picklescan vulnerability data come from?

Vulnerability data is sourced from NVD and GitHub Advisory, enriched with CVSS, EPSS, exploit signals, and patch status for each CVE.

How do I assess the risk of picklescan?

Review each CVE in the list: every entry shows CVSS severity, EPSS exploit probability, exploitation signals, and whether a patched version is available.
