cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aesdecryptmessage in symmetric_encryption.py.
"https://github.com/pypa/advisory-database/blob/main/vulns/cryptidy/PYSEC-2026-1282.yaml"