{"vulnerability": "cve-2025-7134", "sightings": [{"uuid": "878a79ad-887c-4843-b94d-e5b55598fd21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-7134", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "9efcad82-a505-4b65-a0f1-530f7f1f7f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-7134", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:53.000000Z"}, {"uuid": "095fbc15-1cd6-43f9-95e9-3cd57ab30e6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71348", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mosrzrpvn52y", "content": "picklescan 0.0.28 \u672a\u6e80\u3067\u3001reduce \u30e1\u30bd\u30c3\u30c9\u5185\u306e torch.utils._config_module.load_config \u95a2\u6570\u3092\u60aa\u7528\u3057\u3001\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u5b9f\u884c\u3092\u53ef\u80fd\u306b\u3059\u308b\u60aa\u610f\u306e\u2026\nCVE-2025-71348 CVSS 8.1 | HIGH", "creation_timestamp": "2026-06-21T16:27:12.554338Z"}, {"uuid": "7b0f9c90-bee0-47a9-8853-5c77d5aa3e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71348", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mosuo6f7cg2k", "content": "CVE-2025-71348 - picklescan - Arbitrary Code Execution via torch.utils._config_module.load_config Bypass\nCVE ID : CVE-2025-71348\n \n Published : June 21, 2026, 1:26 p.m. | 3\u00a0hours, 43\u00a0minutes ago\n \n Description : picklescan before 0.0.28 fails to detect malicious pickle files t...", "creation_timestamp": "2026-06-21T17:14:24.405278Z"}, {"uuid": "a3e7b22e-769c-45f8-b7b8-69e089916208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71348", "type": "seen", "source": "https://bsky.app/profile/cybersecinsight.bsky.social/post/3moush6g2fm2y", "content": "\ud83d\udd0d Vulnerability Spotlight | Part 2/3\n\n\u26a0\ufe0f CVE-2025-71348\n\npicklescan before 0.0.28 fails to detect malicious pickle files that invoke torch.utils._config_module.load_config function within reduce methods. ...", "creation_timestamp": "2026-06-22T11:40:01.582405Z"}, {"uuid": "2bd1e999-686a-4fe3-a5ca-e18b546087ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71344", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mow4mez25i2q", "content": "CVE-2025-71344 - picklescan - Arbitrary Code Execution via Undetected ensurepip._run_pip Function\nCVE ID : CVE-2025-71344\n \n Published : June 22, 2026, 9:04 p.m. | 2\u00a0hours, 5\u00a0minutes ago\n \n Description : picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to ...", "creation_timestamp": "2026-06-23T00:14:33.286629Z"}, {"uuid": "feb66fb3-d518-41e2-b720-e3e6020dacc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-71344", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-xp4f-hrf8-rxw7", "content": "", "creation_timestamp": "2025-08-26T21:34:37.000000Z"}, {"uuid": "0608c5fa-b9a0-4503-b0a2-3bad90f37444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71341", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moxkqcdnog2l", "content": "CVE-2025-71341 - picklescan - Remote Code Execution via Undetected profile.Profile.runctx\nCVE ID : CVE-2025-71341\n \n Published : 23 juin 2026 12:12 | 1\u00a0heure, 30\u00a0minutes ago\n \n Description : picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when anal...", "creation_timestamp": "2026-06-23T13:59:56.910531Z"}, {"uuid": "548be774-c876-4f99-88ed-4740e0be5936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71340", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5sef4f3q2a", "content": "CVE-2025-71340 - picklescan - Remote Code Execution via idlelib.pyshell.ModifiedInterpreter.runcode\nCVE ID : CVE-2025-71340\n \n Published : June 25, 2026, 9:41 p.m. | 3\u00a0hours, 30\u00a0minutes ago\n \n Description : picklescan through 0.0.26 fails to detect malicious pickle files that ...", "creation_timestamp": "2026-06-26T01:32:25.472654Z"}]}