picklescan Vulnerabilities
Risk Score: 53
Total CVEs: 59
Critical: 4
Ecosystem: pip
Last CVE: Mar 3, 2026
Patch Rate: 95%
Avg Time to Patch: 12d
GitHub: 406 stars, 49 forks, 6 issues, 3 dependents; last push May 14, 2026
Known Vulnerabilities (59 total, page 1 of 3)
Severity | CVE ID | Summary | CVSS | Published
MEDIUM | CVE-2025-1889 | picklescan: extension bypass enables RCE on model load | -- | Mar 3, 2025
MEDIUM | CVE-2025-1716 | picklescan: scanner bypass enables supply chain RCE | -- | Mar 3, 2025
HIGH | CVE-2025-46417 | picklescan: scanner bypass enables DNS data exfiltration | -- | Apr 7, 2025
MEDIUM | GHSA-fj43-3qmq-673f | picklescan: numpy bypass enables RCE in ML model pipelines | -- | Apr 7, 2025
MEDIUM | GHSA-v7x6-rv5q-mhwc | picklescan: bypass allows silent RCE in ML pipelines | -- | Apr 7, 2025
HIGH | GHSA-9gvj-pp9x-gcfr | picklescan: detection bypass allows malicious pickle exec | -- | Aug 12, 2025
MEDIUM | GHSA-4r9r-ch6f-vxmx | picklescan: PyTorch bypass allows undetected RCE | -- | Aug 22, 2025
MEDIUM | GHSA-86cj-95qr-2p4f | picklescan: detection bypass enables PyTorch model RCE | -- | Aug 22, 2025
MEDIUM | GHSA-f4x7-rfwp-v3xw | picklescan: scanner bypass enables RCE via PyTorch function | -- | Aug 22, 2025
MEDIUM | GHSA-f745-w6jp-hpxx | picklescan: RCE bypass via torch.utils.collect_env | -- | Aug 22, 2025
MEDIUM | GHSA-h3qp-7fh3-f8h4 | picklescan: detection bypass via PyTorch proxy RCE | -- | Aug 22, 2025
MEDIUM | GHSA-vr7h-p6mm-wpmh | picklescan: PyTorch gadget bypasses pickle RCE detection | -- | Aug 22, 2025
MEDIUM | GHSA-vv6j-3g6g-2pvj | picklescan: PyTorch gadget bypasses scanner, enables RCE | -- | Aug 22, 2025
MEDIUM | GHSA-5qwp-399c-mjwf | picklescan: bypass enables undetected RCE in ML models | -- | Aug 26, 2025
MEDIUM | GHSA-g344-hcph-8vgg | picklescan: scanner bypass enables RCE in ML pipelines | -- | Aug 26, 2025
MEDIUM | GHSA-x696-vm39-cp64 | picklescan: scan bypass allows RCE in ML pipelines | -- | Aug 26, 2025
MEDIUM | GHSA-6vqj-c2q5-j97w | picklescan: scanner bypass enables RCE via ML models | -- | Aug 26, 2025
MEDIUM | GHSA-f54q-57x4-jg88 | picklescan: scanner bypass enables RCE in ML models | -- | Aug 26, 2025
MEDIUM | GHSA-3vg9-h568-4w9m | picklescan: RCE bypass via idlelib SetText evasion | -- | Aug 26, 2025
MEDIUM | GHSA-6w4w-5w54-rjvr | picklescan: detection bypass allows RCE via ML model files | -- | Aug 26, 2025
MEDIUM | GHSA-7cq8-mj8x-j263 | picklescan: detection bypass allows malicious pickle RCE | -- | Aug 26, 2025
MEDIUM | GHSA-cj3c-v495-4xqh | picklescan: security bypass enables RCE in ML pipelines | -- | Aug 26, 2025
MEDIUM | GHSA-8r4j-24qv-fmq9 | picklescan: RCE bypass enables ML supply chain attack | -- | Aug 26, 2025
MEDIUM | GHSA-9xph-j2h6-g47v | picklescan: scanner bypass enables RCE via model files | -- | Aug 26, 2025
MEDIUM | GHSA-4whj-rm5r-c2v8 | picklescan: scanner bypass enables PyTorch gadget RCE | -- | Aug 26, 2025