exploitDog

CVE-2026-22612

Опубликовано: 10 янв. 2026

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7.

Ссылки

https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf
Patch
https://github.com/trailofbits/fickling/releases/tag/v0.1.7
Release Notes
https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63
Vendor Advisory
https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trailofbits:fickling:*:*:*:*:*:python:*:*

Версия до 0.1.7 (исключая)

EPSS

Процентиль: 17%

0.00053

Низкий

7.8 High

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-h4rm-mm56-xf63

github

10 дней назад

Fickling vulnerable to detection bypass due to "builtins" blindness

EPSS

Процентиль: 17%

0.00053

Низкий

7.8 High

CVSS3

Дефекты

CWE-502