CVE-2025-71370

picklescan before 0.0.28 fails to detect malicious torch.jit.unsupported tensor ops.execWrapper function calls embedded in pickle files. Attackers can craft malicious pickle files that bypass picklescan detection and execute arbitrary code when loaded via pickle.load().