AVID-2026-R1712

Description

erdogant pypickle pypickle.py load deserialization (CVE-2025-5174)

Details

A vulnerability classified as problematic was found in erdogant pypickle up to version 1.1.5. The affected code is the function load in the file pypickle/pypickle.py: passing it a manipulated pickle file leads to deserialization of untrusted data (CWE-502). Local access is required to carry out this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.0 addresses this issue; the patch is identified as commit 14b4cae704a0bb4eb6723e238f25382d847a1917. It is recommended to upgrade the affected component. Practitioners should note that a Python pickle stream can instruct the unpickler to call any importable callable, so loading an attacker-controlled pickle file normally means code execution in the loading process; treat the Low confidentiality, integrity and availability ratings in the CVSS vector below as a floor, not a ceiling, when assessing exposure.

Reason for inclusion in AVID: CVE-2025-5174 describes a deserialization vulnerability in the load() function of erdogant pypickle (versions up to 1.1.5). It is a software security vulnerability (CWE-502) with a public exploit and a fix in version 2.0.0. pypickle is a Python library for saving and loading serialized objects and can be used in AI/ML pipelines for exactly that purpose (persisting datasets, models or intermediate artifacts), which places it in the supply chain of general-purpose AI systems. The issue affects software components that could be deployed, trained or run within AI stacks, and the CVE provides concrete remediation guidance; it therefore qualifies as a software supply-chain vulnerability in AI systems.
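The following is an added illustration, not pypickle's code and not the 2.0.0 patch: it shows why an unrestricted pickle load of an attacker-controlled file amounts to code execution, and one hardening pattern (an Unpickler subclass whose find_class only resolves an allowlist of globals). The Gadget class, the build_malicious_pickle/unsafe_load/safe_load/demo helpers and the ALLOWED_GLOBALS policy are all constructed for this example; the "malicious" payload only runs a harmless print in a child Python process.

```python
"""Added demonstration (not pypickle's code): unpickling untrusted bytes runs
attacker-chosen callables, and a restricted Unpickler refuses to resolve them."""
import io
import pickle
import subprocess
import sys


class Gadget:
    """Constructed malicious payload. __reduce__ tells the unpickler to call
    subprocess.check_output(...) and hand back its result as the 'loaded'
    object. The Gadget class itself never appears in the pickle stream; only
    the reference to subprocess.check_output and its arguments do."""

    def __reduce__(self):
        return (
            subprocess.check_output,
            ([sys.executable, "-c", "print('payload executed')"],),
        )


def build_malicious_pickle() -> bytes:
    """Bytes an attacker would drop on disk for the victim's loader to read."""
    return pickle.dumps(Gadget(), protocol=pickle.DEFAULT_PROTOCOL)


def unsafe_load(data: bytes):
    """Equivalent to any plain pickle.load()/loads() on untrusted input."""
    return pickle.loads(data)


# Hypothetical allowlist for this demo: (module, qualified name) pairs the
# hardened loader may resolve. Plain containers, strings and numbers never
# trigger find_class at all, so this list is consulted only for REDUCE/GLOBAL.
ALLOWED_GLOBALS = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("builtins", "set"),
    ("builtins", "tuple"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse to resolve any global that is not on the allowlist, so a REDUCE
    opcode cannot reach subprocess, os, builtins.eval, etc."""

    def find_class(self, module: str, name: str):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name} from untrusted pickle"
        )


def safe_load(data: bytes):
    """Hardened counterpart of unsafe_load."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo() -> dict:
    payload = build_malicious_pickle()
    benign = pickle.dumps({"weights": [0.1, 0.2], "labels": ("a", "b")})

    # Unrestricted load: the child process runs and its stdout is what
    # "deserialization" returns, proving attacker-chosen code executed.
    unsafe_result = unsafe_load(payload).strip()

    try:
        safe_load(payload)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True

    return {
        "unsafe_result": unsafe_result,       # b'payload executed'
        "restricted_blocked": blocked,        # True
        "restricted_benign": safe_load(benign),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

An allowlist in find_class stops the stream from naming gadgets, but it does not make pickle a safe interchange format for data you do not control: anything that legitimately needs custom classes (for example model objects) widens the allowlist, and a denylist is never sufficient. Where the producer is trusted but the transport is not, pair the restricted loader with a MAC or signature over the file checked before unpickling; where the producer is untrusted, use a data-only format instead.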

References

Affected or Relevant Artifacts

  • Developer: erdogant
  • Deployer: erdogant
  • Artifact Details:
      Type: System
      Name: pypickle

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version: 3.1
Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score: 5.3
Base Severity: 🟠 Medium

CWE

ID        Description
CWE-502   Deserialization of Untrusted Data
CWE-20    Improper Input Validation

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2025-05-26
  • Version: 0.3.3
  • AVID Entry