GHSA-83pf-v6qq-pwmr: Fickling has a detection bypass via stdlib network-protocol constructors
Fickling’s check_safety() API and --check-safety CLI flag incorrectly rate as
LIKELY_SAFE pickle files that open outbound TCP connections at deserialization time
by invoking stdlib network-protocol constructors: smtplib.SMTP, imaplib.IMAP4,
ftplib.FTP, poplib.POP3, telnetlib.Telnet, and nntplib.NNTP.
The bypass rests on two independent root causes described below.
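A defensive complement to the advisory, added here as an illustration and not part of Fickling or the advisory itself: a static scanner that walks a pickle's opcode stream with pickletools.genops, collects every module/name pair the pickle would import on load (GLOBAL, INST, and STACK_GLOBAL, including arguments fetched back from the memo), and flags any that come from the six network modules the advisory names. Nothing is ever unpickled, so the scan cannot trigger the connection it is looking for. The module list, the function names and the result labels are this example's own choices, not Fickling's API.

```python
"""Flag pickle files that reference stdlib network-protocol constructors.

Works purely on the opcode stream: the pickle is never loaded.
"""
import pickletools
from typing import Dict, List, Tuple

# The six modules named in GHSA-83pf-v6qq-pwmr. Treat this as a starting
# denylist for a scanner; it is not Fickling's own configuration.
NETWORK_MODULES = frozenset(
    {"smtplib", "imaplib", "ftplib", "poplib", "telnetlib", "nntplib"}
)

# Opcodes that push a str onto the unpickler stack. STACK_GLOBAL consumes
# the two most recent ones as (module, qualname).
STRING_OPS = frozenset(
    {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE", "BINUNICODE",
     "SHORT_BINUNICODE", "BINUNICODE8"}
)


def global_references(data: bytes) -> List[Tuple[str, str]]:
    """Return every (module, qualname) pair the pickle would import on load.

    This is a scanner, not an interpreter: only string pushes and memo
    traffic are modelled, which is exactly what GLOBAL / STACK_GLOBAL need.
    """
    refs: List[Tuple[str, str]] = []
    memo: Dict[int, str] = {}
    recent: List[str] = []  # string values pushed since the last STACK_GLOBAL

    for op, arg, _pos in pickletools.genops(data):
        name = op.name
        if name in STRING_OPS:
            recent.append(arg)
        elif name == "MEMOIZE":
            # MEMOIZE stores the top of stack at the next free memo index.
            if recent:
                memo[len(memo)] = recent[-1]
        elif name in ("PUT", "BINPUT", "LONG_BINPUT"):
            if recent:
                memo[arg] = recent[-1]
        elif name in ("GET", "BINGET", "LONG_BINGET"):
            # A memoized module or class name may be re-pushed from the memo.
            if arg in memo:
                recent.append(memo[arg])
        elif name in ("GLOBAL", "INST"):
            # pickletools decodes the two newline-terminated lines as
            # "module name" (single space separated).
            module, qualname = arg.split(" ", 1)
            refs.append((module, qualname))
        elif name == "STACK_GLOBAL":
            if len(recent) >= 2:
                refs.append((recent[-2], recent[-1]))
            recent.clear()
    return refs


def find_network_constructors(data: bytes) -> List[Tuple[str, str]]:
    """Subset of global_references() that lands in a network-protocol module."""
    return [(m, n) for m, n in global_references(data) if m in NETWORK_MODULES]


def rate(data: bytes) -> str:
    """Coarse verdict for a pickle blob (labels are this example's own)."""
    return "SUSPICIOUS_NETWORK_GLOBAL" if find_network_constructors(data) else "NO_NETWORK_GLOBAL"


if __name__ == "__main__":
    import pickle
    import smtplib

    # Constructed sample: pickling a class by reference emits only a GLOBAL /
    # STACK_GLOBAL opcode (no REDUCE), so loading it would not connect anywhere.
    sample = pickle.dumps(smtplib.SMTP, protocol=4)
    print(find_network_constructors(sample), rate(sample))
```

The scanner is deliberately a denylist over module names rather than an attempt to decide whether a REDUCE actually calls the constructor; for a gate in a model-loading pipeline, any pickle that imports one of these modules has no business being loaded, so the cheaper and more conservative check is the right one.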