PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-71341 picklescan CVE debrief

CVE-2025-71341 is a high-severity vulnerability in the picklescan library before version 0.0.29. picklescan checks pickle files for references to dangerous globals, but affected versions do not flag profile.Profile.runctx. An attacker can craft a pickle whose __reduce__ payload calls profile.Profile.runctx, which hands its command argument to exec(); the file passes the scan as clean, and the embedded code runs when a victim later loads the file with pickle.load. The vulnerability has a CVSS score of 7.6 and is rated HIGH severity. The CVE was published on June 23, 2026, and last modified on June 23, 2026.

Vendor
picklescan
Product
Unknown
CVSS
HIGH 7.6
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-23
Original CVE updated
2026-06-23
Advisory published
2026-06-23
Advisory updated
2026-06-23

Who should care

Developers and operators who rely on picklescan, in particular any version before 0.0.29, to decide whether a pickle file is safe to load should treat this as a scanner bypass: a "clean" result from an affected version says nothing about whether the file calls profile.Profile.runctx. This matters most where picklescan gates untrusted pickles, such as machine-learning model files, before they are deserialized, because loading a file that slipped through executes attacker-controlled code with the privileges of the loading process.

Technical summary

picklescan works by walking a pickle's opcode stream and matching the globals it references (GLOBAL and STACK_GLOBAL opcodes) against a list of known-dangerous callables. Before 0.0.29 that list omitted profile.Profile.runctx, a standard-library method whose body passes its command argument to exec(). A pickle whose __reduce__ payload resolves to profile.Profile.runctx and supplies a code string as the command therefore scanned as safe, yet executes that code as soon as the file is deserialized. This is a detection gap in the scanner rather than a flaw in the Python pickle module itself; the pickle format executes whatever callables a file references by design, and a blocklist only helps while it is complete. This issue affects picklescan versions before 0.0.29.

Defensive priority

Update picklescan to version 0.0.29 or later as a high priority. Until that is done, do not treat a clean picklescan result as authorization to load a pickle from an untrusted source.

Recommended defensive actions

  • Update picklescan to version 0.0.29 or later, and re-scan any files that were accepted on the strength of an older version's verdict.
  • Do not depend on a blocklist scanner as the only control; pair it with provenance checks (trusted publisher, verified hash or signature) before a pickle is loaded.
  • Load pickles with a restricted Unpickler that allowlists the globals the application actually needs, and prefer a serialization format that does not execute code on load wherever the data allows it.
  • Monitor processes that deserialize pickles for unexpected child processes, network connections, or file writes at load time.
  • Consider using alternative libraries for pickle file analysis, keeping in mind that any blocklist-based scanner has the same class of gap.
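The following is an added example, not code from the PatchSiren page or from the picklescan project. It shows the allowlist loading recommended above as a complement to scanning: a pickle.Unpickler subclass that refuses to resolve any global not explicitly permitted, so a reference such as profile.Profile.runctx is rejected before it is even imported, regardless of whether a scanner knew about it. Both pickles are constructed inline; the suspect one contains only a GLOBAL reference to profile.Profile.runctx (no call), the allowlist contents and the function names are illustrative choices for this example.

```python
import io
import pickle
from collections import OrderedDict

# Allowlist of (module, qualified name) pairs the loader may resolve.
# Chosen for this example; a real application lists exactly the classes
# and functions its own pickles legitimately reference, and nothing else.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves globals present in ALLOWED_GLOBALS.

    pickle.Unpickler calls find_class() for every GLOBAL / STACK_GLOBAL
    opcode. Overriding it turns "block what we know is bad" into
    "permit only what we know is needed", so a callable missing from a
    scanner's blocklist (the CVE-2025-71341 gap) is still refused.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        # Raised before the module is imported or the attribute looked up.
        raise pickle.UnpicklingError(
            f"global '{module}.{name}' is not on the allowlist")


def safe_loads(data: bytes):
    """Drop-in replacement for pickle.loads() with the allowlist enforced."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def load_or_reject(data: bytes):
    """Return ('ok', obj) if the pickle loads under the allowlist,
    otherwise ('rejected', reason) without having resolved the global."""
    try:
        return ("ok", safe_loads(data))
    except pickle.UnpicklingError as exc:
        return ("rejected", str(exc))


# Constructed sample 1: an ordinary pickle that references a permitted
# global (collections.OrderedDict) and nothing else.
BENIGN_PICKLE = pickle.dumps(OrderedDict([("a", 1), ("b", [1, 2])]))

# Constructed sample 2: a protocol-4 pickle whose only content is a GLOBAL
# reference to profile.Profile.runctx. It contains no REDUCE, so nothing
# is called; it exists only to show that the allowlist loader refuses the
# reference itself, which is what a blocklist scanner missed.
SUSPECT_PICKLE = (
    pickle.PROTO + bytes([4])
    + pickle.GLOBAL + b"profile\nProfile.runctx\n"
    + pickle.STOP
)


if __name__ == "__main__":
    print(load_or_reject(BENIGN_PICKLE))
    print(load_or_reject(SUSPECT_PICKLE))
```

The allowlist is deliberately keyed on the exact (module, name) pair that the unpickler is asked to resolve, including dotted names such as "Profile.runctx", so a permitted class cannot be used as a stepping stone to one of its methods. Keep the set small and review it whenever the application's pickled types change.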

Evidence notes

The CVE-2025-71341 vulnerability was published on June 23, 2026, and last modified on June 23, 2026. The vulnerability has a CVSS score of 7.6 and is considered HIGH severity. The vulnerability is caused by the picklescan library's failure to detect the profile.Profile.runctx function when analyzing pickle files.

Official resources

This article is AI-assisted and based on the supplied source corpus.