{"vulnerability": "CVE-2025-1944", "sightings": [{"uuid": "4c361ab2-60f5-4e19-a283-f3459df875f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1944", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6990", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1944\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L)\n\ud83d\udd39 Description: picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection.\n\ud83d\udccf Published: 2025-03-10T11:30:32.896Z\n\ud83d\udccf Modified: 2025-03-10T11:30:32.896Z\n\ud83d\udd17 References:\n1. https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944\n2. https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82\n3. https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781", "creation_timestamp": "2025-03-10T11:56:28.000000Z"}, {"uuid": "e29d07ae-ed2b-42c8-bf4e-39ee9d7ce09a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1944", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljzv7jzz6p2s", "content": "", "creation_timestamp": "2025-03-10T15:40:38.201092Z"}, {"uuid": "070e14e2-a09d-4e69-9c45-2225b60f3699", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1944", "type": "seen", "source": "https://t.me/cvedetector/19952", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1944 - PickleScan PyTorch ZIP Archive Corruption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1944 \nPublished : March 10, 2025, 12:15 p.m. | 53\u00a0minutes ago \nDescription : picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T14:51:35.000000Z"}]}