A vulnerability labeled as critical has been found in picklescan up to 0.0.29 . The affected element is the function pickle.load . Such manipulation leads to deserialization. This vulnerability is referenced as CVE-2025-71378 . It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.