cbcvebase.
CVE-2025-1889
published 2025-03-03

CVE-2025-1889: picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that…

PriorityP348critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.36%
28.4th percentile
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic.

Affected

5 ranges
VendorProductVersion rangeFixed in
mmaitre314picklescan< 0.0.220.0.22
mmaitre314picklescan>= 0 < 0.0.220.0.22
mmaitre314picklescan>= 0 < 78ce704227c51f070c0c5fb4b466d92c62a7aa3d78ce704227c51f070c0c5fb4b466d92c62a7aa3d
mmaitre314picklescan>= 0 < 0.0.210.0.21
mmaitre314picklescan0.0.1 – 0.0.21

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv4.05.3MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
ghsa5.3MEDIUM
osv5.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.