What is CVE-2025-1945?

CVE-2025-1945 is a vulnerability in Mmaitre314 Picklescan, classified under Insufficient Verification of Data Authenticity. Published 2025-03-10.

Is CVE-2025-1945 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Mmaitre314 Picklescan

CVE-2025-1945

picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files tha…

EPSS: 0.009 (75.6th percentile) — read the EPSS interpretation.

Affected products

Mmaitre314 Picklescan — versions 0.0.1

Weakness classification (CWE)

CWE-345 — Insufficient Verification of Data Authenticity

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

www.sonatype.com/security-advisories/cve-2025-1945 (third-party-advisory)
github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792 (vendor-advisory)
github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781 (patch)

Frequently asked questions

What is CVE-2025-1945?: CVE-2025-1945 is a vulnerability in Mmaitre314 Picklescan, classified under Insufficient Verification of Data Authenticity. Published 2025-03-10.
Is CVE-2025-1945 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.