| Vendor | Product | Version Range | Status |
|---|---|---|---|
| picklescan | picklescan | < 0.0.34 | affected |
0.0.34 | unaffected |
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| picklescan | picklescan | 0 ~ 0.0.34 | - |
| # | POC Description | Source Link | Shenlong Link |
|---|
| CVE-2025-71356 | 8.1 HIGH | picklescan - Arbitrary Code Execution via torch.fx.experimental.symbolic_shapes.ShapeEnv.e |
| CVE-2025-71372 | 8.1 HIGH | Picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef Gadget |
| CVE-2025-71367 | 8.1 HIGH | picklescan - Remote Code Execution via _operator.attrgetter Detection Bypass |
| CVE-2025-71347 | 8.1 HIGH | picklescan - Undetected Remote Code Execution via numpy.f2py.crackfortran.param_eval |
| CVE-2025-71366 | 8.1 HIGH | picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_cprofile |
| CVE-2025-71369 | 8.1 HIGH | picklescan - Unsafe Deserialization via torch.utils.data.datapipes.utils.decoder.basichand |
| CVE-2025-71373 | 8.1 HIGH | picklescan - Remote Code Execution via operator.methodcaller Detection Bypass |
| CVE-2025-71362 | 8.1 HIGH | picklescan - Arbitrary Code Execution via Unsafe Deserialization in numpy.f2py.crackfortra |
| CVE-2025-71360 | 8.1 HIGH | picklescan - Remote Code Execution via Undetected idlelib.calltip.get_entity |
| CVE-2025-71364 | 8.1 HIGH | picklescan - Arbitrary Code Execution via Undetected asyncio.unix_events._UnixSubprocessTr |
| CVE-2025-71359 | 8.1 HIGH | picklescan - Unsafe Deserialization via lib2to3.pgen2.grammar.Grammar.loads |
| CVE-2025-71342 | 8.1 HIGH | picklescan - Undetected Remote Code Execution via idlelib.run.Executive.runcode |
| CVE-2025-71353 | 8.1 HIGH | picklescan - Remote Code Execution via torch._dynamo.guards.GuardBuilder.get |
| CVE-2025-71343 | 8.1 HIGH | picklescan - Arbitrary Code Execution via lib2to3.pgen2.pgen.ParserGenerator.make_label De |
| CVE-2025-71345 | 8.1 HIGH | picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_autograd_pro |
No comments yet