Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code
03 December 2025
Three critical security flaws have been disclosed in an open-source utility called Picklescan that could allow a malicious actor to execute arbitrary code when a user loads an untrusted PyTorch model, effectively bypassing the tool's protections.
Picklescan, developed and maintained by Matthieu Maitre (@mmaitre314), is a security scanner that's designed to parse Python pickle files and detect suspicious