CVE-2026-22612

High CVSS: 8.9

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7.

Vendor

Trailofbits

Product

Fickling

CWE

CWE-502

Yayın Tarihi

2026-01-10 02:15:50

Güncelleme

2026-01-16 18:56:30

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-502 Fickling HIGH Trailofbits 2026

Referanslar

https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf https://github.com/trailofbits/fickling/releases/tag/v0.1.7 https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63 https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63

Benzer Kayıtlar

High

CVE-2026-22609

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, the unsafe_imports() method in Fic…

High

CVE-2026-22606

Fickling is a Python pickling decompiler and static analyzer. Fickling versions up to and including 0.1.6 do not treat P…

High

CVE-2026-22607

Fickling is a Python pickling decompiler and static analyzer. Fickling versions up to and including 0.1.6 do not treat P…

High

CVE-2026-22608

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, both ctypes and pydoc modules aren…

High

CVE-2025-67747

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing `marshal` and `types`…

High

CVE-2025-67748

Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 had a bypass caused by `pty` missi…