A vulnerability marked as critical has been reported in picklescan up to 0.0.28 . This impacts the function idlelib.autocomplete.AutoComplete.fetch_completions of the component Autocomplete Handler . The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2025-71376 . The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.