Three critical security flaws have been disclosed in an open-source utility called Picklescan that could allow malicious actors to execute arbitrary code by loading untrusted PyTorch models, effectively bypassing the tool’s protections.
Picklescan, developed and maintained by Matthieu Maitre (@mmaitre314), is a security scanner that’s designed to parse Python pickle files and detect suspiciousRead More
Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code [email protected] (The Hacker News)
by
Tags: