Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code

Three critical security flaws discovered in Picklescan, an open-source security scanner for Python pickle files. The vulnerabilities allow malicious actors to execute arbitrary code by loading untrusted PyTorch models while bypassing the tool's security protections. Picklescan is designed to parse Python pickle files and detect suspicious content, making these bypass vulnerabilities particularly concerning for organizations relying on the tool for security scanning of machine learning models.