CVE-2025-10157
Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports
8.3 HIGH (CVSS 3.1), EPSS 0.27%
Description
A Protection Mechanism Failure vulnerability in mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass the unsafe globals check. The scanner compares module names by exact match only, so a pickle that references a submodule of a dangerous package (e.g., 'asyncio.unix_events' instead of 'asyncio') is not flagged even though the parent package is on the denylist. When a file that the scan incorrectly classified as safe is subsequently loaded, the malicious payload can execute.
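The following is an added example, not picklescan's own code: it walks a pickle's opcodes with the standard-library `pickletools` module (without ever loading the pickle), extracts every `GLOBAL` / `STACK_GLOBAL` reference, and runs it through two checks. `unsafe_exact` reproduces the exact-match comparison the advisory describes; `unsafe_by_root` is a hardened variant that also flags submodules of a denylisted package. The denylist `UNSAFE_MODULES`, the sample pickle bytes and the global names they reference are all constructed for the example and are assumptions, not picklescan's real list or any real payload.

```python
import pickletools

# Assumption: a small illustrative denylist of top-level modules.
# The real picklescan list is larger and is not reproduced here.
UNSAFE_MODULES = {"os", "subprocess", "asyncio", "builtins"}

# String-pushing opcodes whose argument may later feed STACK_GLOBAL.
_STRING_OPCODES = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE", "STRING", "BINSTRING", "SHORT_BINSTRING"}


def unsafe_exact(module: str) -> bool:
    """Weak check: the module string must match a denylist entry exactly.

    This is the behaviour the advisory describes for versions <= 0.0.30:
    'asyncio.unix_events' != 'asyncio', so the reference slips through.
    """
    return module in UNSAFE_MODULES


def unsafe_by_root(module: str) -> bool:
    """Hardened check: flag the module and every submodule of a denylisted package."""
    root = module.split(".", 1)[0]
    return root in UNSAFE_MODULES


def extract_globals(data: bytes) -> list[tuple[str, str]]:
    """Return every (module, name) pair referenced by GLOBAL or STACK_GLOBAL.

    Uses pickletools.genops, which only disassembles opcodes and never
    imports or executes anything.  STACK_GLOBAL takes its two strings from
    the stack; this simplified walker remembers the last two string
    arguments seen, which is enough for the straightforward layouts that
    pickle itself emits.
    """
    found: list[tuple[str, str]] = []
    recent_strings: list[str] = []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":
            # Protocol 0-3 GLOBAL: pickletools yields "module name" as one string.
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name in _STRING_OPCODES:
            recent_strings.append(arg)
            recent_strings = recent_strings[-2:]
        elif opcode.name == "STACK_GLOBAL":
            # Protocol 4+: module and name were pushed as the two preceding strings.
            if len(recent_strings) == 2:
                found.append((recent_strings[0], recent_strings[1]))
            recent_strings = []
    return found


def scan(data: bytes, check) -> list[tuple[str, str]]:
    """Return the globals in `data` that `check` considers unsafe."""
    return [(m, n) for m, n in extract_globals(data) if check(m)]


# Constructed sample 1 (protocol 0): a single GLOBAL opcode referencing a
# submodule of a denylisted package.  'SomeName' is a placeholder, not a real attribute.
SAMPLE_SUBMODULE = b"casyncio.unix_events\nSomeName\n."

# Constructed sample 2 (protocol 4): PROTO 4, two SHORT_BINUNICODE strings,
# STACK_GLOBAL, STOP.  References os.getcwd, a harmless function chosen only
# so that the exact-match check has something to catch.
SAMPLE_PROTO4 = b"\x80\x04\x8c\x02os\x8c\x06getcwd\x93."


if __name__ == "__main__":
    for label, sample in (("submodule", SAMPLE_SUBMODULE), ("proto4", SAMPLE_PROTO4)):
        print(label, "globals:", extract_globals(sample))
        print("  exact-match flags:", scan(sample, unsafe_exact))
        print("  root-aware flags: ", scan(sample, unsafe_by_root))
```

Against `SAMPLE_SUBMODULE` the exact-match check reports nothing while the root-aware check flags `('asyncio.unix_events', 'SomeName')`; against `SAMPLE_PROTO4` both checks flag `('os', 'getcwd')`. Note that a root-aware denylist is still a denylist: an allowlist of the modules a given model format legitimately needs (or not loading untrusted pickles at all) is the stronger mitigation.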
How to fix CVE-2025-10157
To remediate CVE-2025-10157, upgrade the affected package to a fixed version listed below.
- Upgrade picklescan to 0.0.31 or later
Is CVE-2025-10157 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- picklescan: from 0, < 0.0.31
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | HIGH (8.3) | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L |