CVE-2026-53875
HighCVSS 7.1Summary
Picklescan before version 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function. By using dynamic eval and the __reduce__ trick, attackers can embed malicious magic numbers in PyTorch payloads that evade picklescan detection.
Risk Assessment
This vulnerability allows for arbitrary code execution, posing a significant security risk to applications using PyTorch. Attackers can exploit this vulnerability to introduce malicious code into the system.
Recommendation
It is recommended to update picklescan to version 1.0.3 or later to mitigate this vulnerability. Additionally, monitoring and validating PyTorch payloads before loading them is advised.
Original NVD description (English source)
picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the __reduce__ trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while remaining executable, enabling arbitrary code execution when loaded with torch.load().

