A vulnerability was found in picklescan up to 0.0.33 and classified as critical. Affected is the function pickle.load. The manipulation results in deserialization.

This vulnerability is cataloged as CVE-2025-71367. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.