picklescan Vulnerabilities
pip AI Security
Risk Score: 53
Total CVEs: 59
Critical: 4
Ecosystem: pip
Last CVE: Mar 3, 2026
Patch Rate: 95%
Avg Time to Patch: 12d
406 stars
49 forks
6 issues
3 dependents
Last push May 14, 2026
Known Vulnerabilities (59 total, page 2 of 3)
Severity | CVE ID | Summary | CVSS | Published
MEDIUM | GHSA-xp4f-hrf8-rxw7 | picklescan: scanner bypass leads to undetected RCE | -- | Aug 26, 2025
MEDIUM | GHSA-p9w7-82w4-7q8m | picklescan: detection bypass allows pickle RCE in ML pipelines | -- | Aug 26, 2025
MEDIUM | GHSA-m869-42cg-3xwr | picklescan: scanner bypass enables RCE via ML models | -- | Aug 26, 2025
MEDIUM | GHSA-j343-8v2j-ff7w | picklescan: scanner bypass allows pickle-based RCE | -- | Aug 26, 2025
MEDIUM | GHSA-3gf5-cxq9-w223 | picklescan: scanner bypass enables pickle RCE in ML models | -- | Aug 26, 2025
MEDIUM | GHSA-fqq6-7vqf-w3fg | picklescan: detection bypass allows undetected RCE in ML models | -- | Aug 26, 2025
MEDIUM | GHSA-9w88-8rmg-7g2p | picklescan: scan bypass allows silent RCE via ML models | -- | Aug 26, 2025
MEDIUM | GHSA-49gj-c84q-6qm9 | picklescan: scanner bypass enables RCE via ML model files | -- | Aug 26, 2025
MEDIUM | GHSA-q77w-mwjj-7mqx | picklescan: scanner bypass enables model RCE | -- | Aug 26, 2025
HIGH | CVE-2025-10157 | PickleScan: subclass bypass enables malicious model RCE | 8.3 | Sep 10, 2025
HIGH | CVE-2025-10156 | Picklescan: CRC bypass hides malicious pickle in ZIP | 7.5 | Sep 10, 2025
HIGH | GHSA-m273-6v24-x4m4 | picklescan: Deserialization enables RCE | -- | Dec 29, 2025
HIGH | GHSA-4675-36f9-wf6r | picklescan: Allowlist Bypass evades input filtering | -- | Dec 29, 2025
HIGH | GHSA-84r2-jw7c-4r5q | picklescan: Allowlist Bypass evades input filtering | -- | Dec 29, 2025
HIGH | GHSA-vqmv-47xg-9wpr | picklescan: Deserialization enables RCE | -- | Dec 29, 2025
HIGH | GHSA-hgrh-qx5j-jfwx | picklescan: Protection Bypass circumvents security controls | 8.8 | Dec 29, 2025
HIGH | GHSA-r8g5-cgf2-4m4m | picklescan: Deserialization enables RCE | -- | Dec 29, 2025
HIGH | GHSA-x843-g5mx-g377 | picklescan: Code Injection enables RCE | -- | Dec 29, 2025
HIGH | GHSA-3329-ghmp-jmv5 | picklescan: Code Injection enables RCE | -- | Dec 29, 2025
MEDIUM | GHSA-cffc-mxrf-mhh4 | picklescan: Code Injection enables RCE | -- | Dec 29, 2025
HIGH | GHSA-rrxm-2pvv-m66x | picklescan: Code Injection enables RCE | -- | Dec 30, 2025
MEDIUM | GHSA-6556-fwc2-fg2p | picklescan: Code Injection enables RCE | -- | Dec 30, 2025
HIGH | GHSA-955r-x9j8-7rhh | picklescan: Code Injection enables RCE | -- | Dec 30, 2025
HIGH | GHSA-46h3-79wf-xr6c | picklescan: Code Injection enables RCE | -- | Dec 30, 2025
HIGH | GHSA-9726-w42j-3qjr | picklescan: Path Traversal enables file access | -- | Jan 8, 2026
Showing 26–50 of 59