CVE-2025-71353 - CERT CVE
ID CVE-2025-71353
Sažetak picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded.
Reference
CVSS
Base: 8.1
Impact: 5.2
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Zadnje važnije ažuriranje 04-07-2026 - 02:16
Objavljeno 04-07-2026 - 02:16