CVE-2025-1716: Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
(updated )
An unsafe deserialization vulnerability in Python’s pickle module allows an attacker to bypass static analysis tools like Picklescan and execute arbitrary code during deserialization. This can be exploited to run pip install and fetch a malicious package, enabling remote code execution (RCE) upon package installation.
References
- github.com/advisories/GHSA-655q-fx9r-782v
- github.com/mmaitre314/picklescan
- github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d
- github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v
- github.com/pypa/advisory-database/tree/main/vulns/picklescan/PYSEC-2025-18.yaml
- nvd.nist.gov/vuln/detail/CVE-2025-1716
- sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716
Code Behaviors & Features
Detect and mitigate CVE-2025-1716 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →