CVE-2026-53873

CRITICAL

picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass

Title source: cna
STIX 2.1

Description

picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run() function, allowing attackers to achieve arbitrary code execution via exec(). Attackers can craft malicious pickle files calling profile.run(statement) to execute arbitrary Python code while picklescan reports zero security issues.

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory
GHSA Advisory GHSA-7wx9-6375-f5wh
https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7wx9-6375-f5wh
Third Party Advisory third-party-advisory
VulnCheck Advisory: picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass
https://www.vulncheck.com/advisories/picklescan-arbitrary-code-execution-via-profile-run-blocklist-bypass

Scores

CVSS v3 9.8
EPSS 0.0046
EPSS Percentile 36.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-184
Status published
Products (3)
picklescan/picklescan < 1.0.4
picklescan/picklescan 1.0.4
pypi/picklescan 0 - 1.0.4PyPI
Published Jun 17, 2026
Tracked Since Jun 17, 2026