All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2025-71353
HIGHpublished 2026-07-04 02:16 UTC · 13 hours ago
7.6
CVSS / 10
// description
picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded.
// weaknesses (CWE)
- CWE-502