picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolicshapes.ShapeEnv.evaluateguards_expression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims.
{
"cna_assigner": "VulnCheck",
"cwe_ids": [
"CWE-502"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71356.json"
}