{"uuid": "12166cd3-f696-4adb-bbda-fda1f675cdc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53874", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3motnkutt5o2l", "content": "\ud83d\udea8  ALERT: CVE-2026-53874\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\npicklescan before 1.0.1 contains an unsafe deserialization vulnerability allowing unauthenticated users to execute arbitrary code by hiding eval calls nested under callable objects via getattr. Attackers can embed malicious code in pickle files th", "creation_timestamp": "2026-06-22T00:39:57.216188Z"}