{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71325", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-06-08T20:44:31.209Z", "datePublished": "2026-06-17T15:05:00.840Z", "dateUpdated": "2026-06-17T17:28:10.471Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-06-17T15:05:00.840Z"}, "datePublic": "2025-08-10T00:00:00.000Z", "title": "picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw", "descriptions": [{"lang": "en", "value": "picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at position zero to trigger unexpected exceptions and evade security scanning."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unchecked Error Condition", "cweId": "CWE-391", "type": "CWE"}]}], "affected": [{"vendor": "picklescan", "product": "picklescan", "defaultStatus": "unaffected", "packageURL": "pkg:pypi/picklescan", "versions": [{"version": "0", "status": "affected", "versionType": "semver", "lessThan": "0.0.27"}, {"version": "0.0.27", "status": "unaffected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:mmaitre314:picklescan:*:*:*:*:*:*:*:*", "versionEndExcluding": "0.0.27"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9gvj-pp9x-gcfr", "name": "GHSA Advisory GHSA-9gvj-pp9x-gcfr", "tags": ["vendor-advisory"]}, {"url": "https://github.com/mmaitre314/picklescan/commit/2a8383cfeb4158567f9770d86597300c9e508d0f", "name": "https://github.com/mmaitre314/picklescan/commit/2a8383cfeb4158567f9770d86597300c9e508d0f", "tags": ["patch"]}, {"name": "VulnCheck Advisory: picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/picklescan-detection-bypass-via-stack-global-opcode-parsing-logic-flaw"}], "credits": [{"lang": "en", "value": "Lyutoon", "type": "reporter"}], "x_generator": {"engine": "vulncheck-endgame"}}, "adp": [{"references": [{"url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9gvj-pp9x-gcfr", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-17T17:27:40.928251Z", "id": "CVE-2025-71325", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-17T17:28:10.471Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-71325", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-17T17:27:40.928251Z"}}}], "references": [{"url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9gvj-pp9x-gcfr", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-17T17:28:07.638Z"}}], "cna": {"title": "picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw", "credits": [{"lang": "en", "type": "reporter", "value": "Lyutoon"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "picklescan", "product": "picklescan", "versions": [{"status": "affected", "version": "0", "lessThan": "0.0.27", "versionType": "semver"}, {"status": "unaffected", "version": "0.0.27", "versionType": "semver"}], "packageURL": "pkg:pypi/picklescan", "defaultStatus": "unaffected"}], "datePublic": "2025-08-10T00:00:00.000Z", "references": [{"url": "https://github.com/mmaitre314/picklescan/security/advisories/GHSA-9gvj-pp9x-gcfr", "name": "GHSA Advisory GHSA-9gvj-pp9x-gcfr", "tags": ["vendor-advisory"]}, {"url": "https://github.com/mmaitre314/picklescan/commit/2a8383cfeb4158567f9770d86597300c9e508d0f", "name": "https://github.com/mmaitre314/picklescan/commit/2a8383cfeb4158567f9770d86597300c9e508d0f", "tags": ["patch"]}, {"url": "https://www.vulncheck.com/advisories/picklescan-detection-bypass-via-stack-global-opcode-parsing-logic-flaw", "name": "VulnCheck Advisory: picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck-endgame"}, "descriptions": [{"lang": "en", "value": "picklescan before 0.0.27 contains a parsing logic error in the _list_globals function when handling STACK_GLOBAL opcodes, failing to track arguments in the correct range and allowing malicious pickle files to bypass detection. Attackers can craft pickle files with arguments at position zero to trigger unexpected exceptions and evade security scanning."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-391", "description": "Unchecked Error Condition"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mmaitre314:picklescan:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "0.0.27"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-06-17T15:05:00.840Z"}}}, "cveMetadata": {"cveId": "CVE-2025-71325", "state": "PUBLISHED", "dateUpdated": "2026-06-17T17:28:10.471Z", "dateReserved": "2026-06-08T20:44:31.209Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-06-17T15:05:00.840Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.0.27)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "0.0.27"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "picklescan", "source": "cna", "vendor": "picklescan"}, "product": "picklescan", "vendor": "mmaitre314"}], "created": "2026-06-18T18:30:15.142153+00:00", "updated": "2026-06-18T22:15:03.909276+00:00", "vendors": ["mmaitre314", "mmaitre314$PRODUCT$picklescan"]}