GHSA-g38g-8gr9-h9xp: PickleScan has multiple stdlib modules with direct RCE not in blocklist
picklescan v1.0.3 (the latest release at the time of the advisory) does not block at least 7 Python standard library modules that provide direct arbitrary command execution or code evaluation. A malicious pickle file whose GLOBAL or STACK_GLOBAL references point at these modules is reported as having 0 issues (CLEAN scan), yet unpickling it still imports and calls the referenced callable, so an attacker who can get such a file loaded obtains remote code execution on any host that trusts the clean verdict. The scan is bypassed entirely. The root cause is the denylist design: a scanner that flags only module names it has enumerated passes every dangerous callable it has not, so a clean picklescan result should not be the only control in front of pickle.load on untrusted data.
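The following is an added example, not picklescan's code and not the advisory's proof of concept. It shows the mechanism behind the finding: a REDUCE-based pickle payload names an arbitrary module and callable, a scanner that walks the opcodes with pickletools and matches module names against a denylist (DENYLIST here is a constructed, deliberately short list, not picklescan's) reports the file clean whenever the module is absent from that list, and an allowlist check, or an Unpickler whose find_class refuses anything not allowlisted, catches the same file. platform.python_version is used as a harmless stand-in for a dangerous stdlib callable so the payload can actually be loaded; the ALLOWLIST entries are illustrative.

```python
"""Denylist vs allowlist scanning of pickle GLOBAL references (added example)."""
import io
import pickle
import pickletools
import platform
import subprocess


def build_payload(func, args=(), protocol=4):
    """Serialise a pickle that calls func(*args) the moment it is unpickled.

    __reduce__ returns a callable and its arguments; the unpickler imports the
    callable by module and name and invokes it. This is the standard payload shape.
    """
    class Payload:
        def __reduce__(self):
            return (func, args)
    return pickle.dumps(Payload(), protocol=protocol)


# Constructed inputs for the demonstration.
PAYLOAD_SUBPROCESS = build_payload(subprocess.Popen, (["id"],))           # scanned, never loaded
PAYLOAD_PLATFORM = build_payload(platform.python_version)                 # harmless stand-in, STACK_GLOBAL
PAYLOAD_PLATFORM_V2 = build_payload(platform.python_version, protocol=2)  # same thing via GLOBAL opcode
BENIGN = pickle.dumps({"weights": [0.5, 1.5], "epoch": 3}, protocol=4)    # references no globals
EXPECTED_VERSION = platform.python_version()


def referenced_globals(data):
    """Return every (module, name) a pickle imports, without executing it.

    pickletools.genops disassembles the stream. GLOBAL carries "module name" in
    its argument; STACK_GLOBAL takes module and name from the two most recent
    string constants, which may arrive through the memo (BINGET) on repeats.
    """
    refs, strings, memo, last = [], [], {}, None
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            refs.append((module, name))
        elif op.name == "STACK_GLOBAL":
            name, module = strings.pop(), strings.pop()
            refs.append((module, name))
        elif op.name in ("UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"):
            strings.append(arg)
            last = arg
            continue
        elif op.name == "MEMOIZE":
            memo[len(memo)] = last
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif op.name in ("GET", "BINGET", "LONG_BINGET") and isinstance(memo.get(arg), str):
            strings.append(memo[arg])
            last = memo[arg]
            continue
        last = None
    return refs


# Constructed, deliberately incomplete module denylist: it only catches what was listed.
DENYLIST = {"os", "posix", "nt", "subprocess", "builtins", "sys"}

# Illustrative allowlist: the few globals a given artefact format legitimately needs.
ALLOWLIST = {("collections", "OrderedDict"), ("torch._utils", "_rebuild_tensor_v2")}


def denylist_scan(data):
    """Flag only globals whose top-level module is on DENYLIST; anything else passes."""
    return [ref for ref in referenced_globals(data) if ref[0].split(".")[0] in DENYLIST]


def allowlist_scan(data):
    """Flag every global that is not explicitly permitted."""
    return [ref for ref in referenced_globals(data) if ref not in ALLOWLIST]


class AllowlistUnpickler(pickle.Unpickler):
    """Enforce the allowlist at load time, where a static scanner's gaps do not matter."""

    def __init__(self, data, allowed):
        super().__init__(io.BytesIO(data))
        self.allowed = allowed

    def find_class(self, module, name):
        if (module, name) in self.allowed:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowlisted")


def safe_loads(data, allowed=ALLOWLIST):
    return AllowlistUnpickler(data, allowed).load()


def is_rejected(data, allowed=ALLOWLIST):
    """True if the allowlisting unpickler refuses the data before calling anything."""
    try:
        safe_loads(data, allowed)
    except pickle.UnpicklingError:
        return True
    return False


def load_unsafely(data):
    """Plain pickle.loads: whatever callable the pickle names runs right here."""
    return pickle.loads(data)


if __name__ == "__main__":
    print("denylist  :", denylist_scan(PAYLOAD_PLATFORM))   # [] -> reported clean
    print("allowlist :", allowlist_scan(PAYLOAD_PLATFORM))  # [('platform', 'python_version')]
    print("loaded    :", load_unsafely(PAYLOAD_PLATFORM))   # the callable ran on load
    print("rejected  :", is_rejected(PAYLOAD_PLATFORM))     # True
```

The denylist scan returns nothing for the platform payload because "platform" is not on the list, which is exactly the shape of the gap the advisory describes; the allowlist scan and the find_class override both refuse it without the unpickler ever invoking the callable. Load-time enforcement is the control to rely on, since an opcode-level scanner is only as good as its stack model and its list.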
Detect and mitigate GHSA-g38g-8gr9-h9xp with GitLab Dependency Scanning