CVE-2025-10155
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2025-10155. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file incorrectly considered safe is loaded, it can lead to the execution of malicious code.
Available Exploits
Related News
Affected Products
Affected Versions:
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file incorrectly considered safe is loaded, it can lead to the execution of malicious code.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (4.0)
EPSS Score
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: September 17, 2025