Vulnerability in Mmaitre314 Picklescan
CVE-2025-10156
An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file wit…
EPSS: 0.013 (80.0th percentile)
Affected products
- Mmaitre314 Picklescan — versions 0
Weakness classification (CWE)
References
- Proof of Concept (Archive with Bad CRC) (exploit)
- Example of Failing Scan on Hugging Face (exploit)
- Vulnerable Code Snippet (related)
- github.com/mmaitre314/picklescan/security/advisories/GHSA-mjqp-26hc-grxg (vendor-advisory)