CVE-2026-56315 | picklescan before 1.0.4 fails to block at least seven Python… | CVSS 9.8 CRITICAL

Description

picklescan before 1.0.4 fails to block at least seven Python standard library modules (including uuid, _osx_support, _aix_support, _pyrepl.pager, and imaplib) exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked modules to achieve remote code execution while bypassing picklescan's safety validation entirely.

Metadata

CVE ID: CVE-2026-56315
State: PUBLISHED
Assigner: VulnCheck
Reserved: 2026-06-20 12:59 UTC
Published: 2026-06-23 12:13 UTC
Last updated: 2026-06-23 13:16 UTC
Primary CWE: CWE-184
Incomplete List of Disallowed Inputs
Vendor / Product: picklescan / picklescan
Sources: cve.org · NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: PoC
Automatable: yes
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
picklescan	picklescan	—	0 < 1.0.4, 1.0.4

Weakness (CWE)

CWE	Source	Description
CWE-184	cna	Incomplete List of Disallowed Inputs

CVSS scores (2)

Score	Severity	Version	Source	Vector
9.8	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3	CRITICAL	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References (2)

GitHub Security Advisory (GHSA-g38g-8gr9-h9xp) https://github.com/mmaitre314/picklescan/security/advisories/GHSA-g38g-8gr9-h9xp
VulnCheck Advisory: picklescan - Remote Code Execution via Unblocked Standard Library Modules https://www.vulncheck.com/advisories/picklescan-remote-code-execution-via-unblocked-standard-library-modules