CVE-2026-53873 | picklescan before 1.0.4 contains an incomplete blocklist for… | CVSS 9.8 CRITICAL

Description

picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run() function, allowing attackers to achieve arbitrary code execution via exec(). Attackers can craft malicious pickle files calling profile.run(statement) to execute arbitrary Python code while picklescan reports zero security issues.

Metadata

CVE ID: CVE-2026-53873
State: PUBLISHED
Assigner: VulnCheck
Reserved: 2026-06-10 21:23 UTC
Published: 2026-06-17 15:05 UTC
Last updated: 2026-06-17 18:12 UTC
Primary CWE: CWE-184
Incomplete List of Disallowed Inputs
Vendor / Product: picklescan / picklescan
Sources: cve.org · NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: PoC
Automatable: yes
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
picklescan	picklescan	—	0 < 1.0.4, 1.0.4

Weakness (CWE)

CWE	Source	Description
CWE-184	cna	Incomplete List of Disallowed Inputs

CVSS scores (2)

Score	Severity	Version	Source	Vector
9.8	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3	CRITICAL	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References (2)

GHSA Advisory GHSA-7wx9-6375-f5wh https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7wx9-6375-f5wh
VulnCheck Advisory: picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass https://www.vulncheck.com/advisories/picklescan-arbitrary-code-execution-via-profile-run-blocklist-bypass