PT-2025-38137 · Pytorch +1

Source: JFrog +1 · Published: 2025-06-29 · Updated: 2026-02-18 · CVE-2025-10155

CVSS v4.0: 10 (Critical)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: mmaitre314 picklescan versions up to and including 0.0.30

Description: An Improper Input Validation vulnerability exists in the scanning logic of picklescan. This flaw allows a remote attacker to bypass pickle file security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file is incorrectly considered safe and loaded, it can lead to the execution of malicious code. The issue arises because the scanner prioritizes the PyTorch file extension check and fails to fall back to standard pickle analysis when it encounters a standard pickle file with a PyTorch extension. This allows attackers to disguise malicious pickle payloads within files that would otherwise be scanned for pickle-based threats.

Recommendations: Versions prior to 0.0.30: Modify the scanning logic to ensure that standard pickle scanning is attempted as a fallback mechanism when PyTorch scanning fails or is not applicable. Specifically, always attempt to scan the file as a standard pickle, regardless of the success or failure of the PyTorch scan or the file extension.
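The following is an added example, not picklescan's own code, written to show the two scanning strategies the record contrasts: an extension-first scanner that returns early for PyTorch extensions, and the recommended version that always falls back to plain pickle analysis. It uses only the Python standard library; the extension list, the set of flagged globals, the `archive/data.pkl` member name and the sample streams are assumptions constructed for the demo, and nothing is ever unpickled (the opcode stream is walked statically with `pickletools`).

```python
"""Added example (not picklescan's code): extension-first scanning versus
the always-fall-back-to-pickle fix described in the advisory."""
import io
import pickle
import pickletools
import zipfile

# Extensions treated as "PyTorch files" (assumed list for this demo).
PYTORCH_EXTENSIONS = {".pt", ".pth", ".bin", ".ckpt"}

# (module, name) pairs whose mere reference in a pickle stream is reported
# (illustrative subset; a real scanner keeps a much longer list).
DANGEROUS_GLOBALS = {
    ("os", "system"), ("posix", "system"), ("subprocess", "Popen"),
    ("builtins", "eval"), ("builtins", "exec"),
}

# Opcodes that push a string which STACK_GLOBAL (protocol 4+) consumes.
_STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
               "STRING", "SHORT_BINSTRING", "BINSTRING"}


def scan_pickle_bytes(data: bytes) -> list:
    """Statically walk the opcode stream and return dangerous (module, name)
    references found in GLOBAL / STACK_GLOBAL. Strings fetched back from the
    memo (BINGET) are not tracked here; that is a simplification of the demo."""
    findings, strings = [], []
    try:
        for opcode, arg, _pos in pickletools.genops(data):
            if opcode.name in _STRING_OPS:
                strings.append(arg)
            elif opcode.name == "GLOBAL":          # "module name" as one string
                module, name = arg.split(" ", 1)
                if (module, name) in DANGEROUS_GLOBALS:
                    findings.append((module, name))
            elif opcode.name == "STACK_GLOBAL" and len(strings) >= 2:
                module, name = strings[-2], strings[-1]
                if (module, name) in DANGEROUS_GLOBALS:
                    findings.append((module, name))
    except Exception:
        # Not a parseable pickle stream (e.g. a zip archive handed to the
        # fallback); report what was found before the parse failed.
        return findings
    return findings


def scan_torch_zip(data: bytes) -> list:
    """torch.save writes a zip archive whose object graph is a *.pkl member
    (simplified here); scan every such member."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for member in zf.namelist():
            if member.endswith(".pkl"):
                findings.extend(scan_pickle_bytes(zf.read(member)))
    return findings


def _extension(filename: str) -> str:
    dot = filename.rfind(".")
    return filename[dot:].lower() if dot != -1 else ""


def scan_file_vulnerable(filename: str, data: bytes) -> list:
    """Extension-first logic as the advisory describes it: a PyTorch extension
    routes the file to the zip scanner only, and a non-zip payload is
    returned as clean."""
    if _extension(filename) in PYTORCH_EXTENSIONS:
        if zipfile.is_zipfile(io.BytesIO(data)):
            return scan_torch_zip(data)
        return []  # defect: a plain pickle named model.pt is never inspected
    return scan_pickle_bytes(data)


def scan_file_fixed(filename: str, data: bytes) -> list:
    """Recommended logic: run the PyTorch scan when the bytes are a zip
    archive, then ALWAYS run the plain pickle scan as well, regardless of
    extension or of the PyTorch scan's outcome."""
    findings = []
    if zipfile.is_zipfile(io.BytesIO(data)):
        findings.extend(scan_torch_zip(data))
    findings.extend(scan_pickle_bytes(data))
    return findings


# Constructed sample streams (no real model; nothing here is executed):
MALICIOUS_PICKLE = b"\x80\x02cos\nsystem\n."           # protocol 2, GLOBAL os.system
MALICIOUS_PICKLE_P4 = pickle.dumps(eval, protocol=4)   # protocol 4, STACK_GLOBAL
BENIGN_PICKLE = pickle.dumps({"weights": [0.5, 0.25]}, protocol=4)


def make_torch_style_zip(payload: bytes) -> bytes:
    """Wrap a pickle in a torch.save-like archive layout (assumed member name)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", payload)
    return buf.getvalue()


if __name__ == "__main__":
    disguised = ("model.pt", MALICIOUS_PICKLE)          # plain pickle, PyTorch extension
    print("vulnerable:", scan_file_vulnerable(*disguised))  # []
    print("fixed:     ", scan_file_fixed(*disguised))       # [('os', 'system')]
```

The point of `scan_file_fixed` is that the extension never decides whether pickle analysis runs: a zip gets both passes (the plain pass simply fails to parse and reports nothing), while a raw pickle carrying a `.pt` name is caught by the fallback that the vulnerable variant skips.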

Exploit

Fix

RCE

Protection Mechanism Failure

Weakness Enumeration

Related Identifiers

BDU:2025-15287
CVE-2025-10155
GHSA-J424-MC44-F4HJ
GHSA-JGW4-CR84-MQXG
PYSEC-2025-151

Affected Products

Pytorch
Picklescan