CVE-2025-5174 | erdogant pypickle up to 1.1.5 pypickle/pypickle.py load deserialization

Inserito da Angelo Barbosa | Mag 25, 2025 | CVE

A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic. Affected by this issue is the function load of the file pypickle/pypickle.py. The manipulation leads to deserialization.

This vulnerability is handled as CVE-2025-5174. Local access is required to approach this attack. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2025-5174 | erdogant pypickle up to 1.1.5 pypickle/pypickle.py load deserialization

Post correlati

CVE-2024-9250 | Foxit PDF Reader AcroForm use after free (ZDI-24-1303)

CVE-2024-6759 | FreeBSD NFS Client readdir injection

CVE-2023-7233 | GigPress Plugin up to 2.3.29 on WordPress Setting cross site scripting

CVE-2024-27951 | Themeisle Multiple Page Generator Plugin up to 3.4.0 on WordPress unrestricted upload