CVE-2025-10156
CRITICALmmaitre314 picklescan < 0.0.31 - Security Scan Bypass via Malformed ZIP CRC
Title source: llmDescription
An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file with a bad Cyclic Redundancy Check (CRC), which causes the scanner to halt and fail to analyze the contents for malicious pickle files. When the file incorrectly considered safe is loaded, it can lead to the execution of malicious code.
References (4)
Core 4
Core References
Not Applicable exploit
https://huggingface.co/jinaai/jina-embeddings-v2-base-en/resolve/main/pytorch_model.bin?download=true
Not Applicable exploit
https://huggingface.co/jinaai/jina-embeddings-v2-base-en/tree/main
Product related
https://github.com/mmaitre314/picklescan/blob/v0.0.29/src/picklescan/relaxed_zipfile.py#L35
Exploit, Vendor Advisory vendor-advisory
https://github.com/mmaitre314/picklescan/security/advisories/GHSA-mjqp-26hc-grxg
Scores
CVSS v3
9.8
EPSS
0.0143
EPSS Percentile
69.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-755
Status
published
Products (2)
mmaitre314/picklescan
< 0.0.31
pypi/picklescan
0 - 0.0.31PyPI
Published
Sep 17, 2025
Tracked Since
Feb 18, 2026