CVE-2025-1889CRITICAL 9.8EPSS p28.2%

CVE-2025-1889CVE-2025-1889

Description

picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.36% probability of exploitation · percentile 28.2% · 2026-06-19T12:03:05Z
Published2025-03-03
Last modified2025-12-29

Underlying weaknesses· 1

CWE-646

References

  1. https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v
  2. https://www.sonatype.com/security-advisories/cve-2025-1889

1

TypeTargetConfidenceTier
WeaknessReliance on File Name or Extension of Externally-Supplied Filecwe-6460%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-1945
CVE
CVE-2025-1716
CVE
CVE-2025-10156
CVE
CVE-2026-31223
CVE
CVE-2026-38950
CVE
CVE-2026-31222
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.