Security research proof-of-concept for a coordinated vulnerability disclosure via huntr. Access for vendor verification only.
picklescan denylist bypass - proof of concept
This repository holds a single proof-of-concept pickle (pickle1-poc.pkl) for a vulnerability reported privately through huntr (coordinated disclosure).
It demonstrates a picklescan denylist bypass (proto-4 dotted-global builtins eval/call construct): the scanner reports the file as safe while the pickle still executes code on load.
DO NOT load this file outside an isolated sandbox. It is a security proof-of-concept provided solely for vendor verification, has not been disclosed externally, and will be deleted on confirmation of the fix.
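A denylist scanner fails open when it meets a construct it does not recognise; an allowlist enforced at load time fails closed. The following is an added example, not code from this repository or from picklescan. It restricts unpickling to exact (module, name) pairs, so a protocol 4 dotted global name is rejected like any other unlisted global. The names ALLOWED_GLOBALS, AllowlistUnpickler, safe_loads and check are assumptions of the example, and the sample pickles are constructed, benign inputs.

```python
import collections
import io
import json
import pickle

# Assumed policy for this example: the only globals a trusted pickle may import.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class AllowlistUnpickler(pickle.Unpickler):
    """Resolve only exact (module, name) pairs listed in ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        # With protocol 4 the name may be a dotted path such as "Class.attr".
        # Exact-match comparison rejects it unless that full pair is listed.
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"blocked global: {module}.{name}")
        return super().find_class(module, name)


def safe_loads(data: bytes):
    """Unpickle data, refusing any global outside the allowlist."""
    return AllowlistUnpickler(io.BytesIO(data)).load()


def check(data: bytes) -> str:
    """Return 'loaded' on success, or the reason the pickle was refused."""
    try:
        safe_loads(data)
        return "loaded"
    except pickle.UnpicklingError as exc:
        return str(exc)


# Constructed, benign samples produced by pickle.dumps itself.
SAMPLE_ALLOWED = pickle.dumps(collections.OrderedDict(a=1), protocol=4)
# A bare reference to a builtin (nothing is called).
SAMPLE_BUILTIN = pickle.dumps(len, protocol=4)
# A reference whose name is a dotted path: "JSONEncoder.encode".
SAMPLE_DOTTED = pickle.dumps(json.JSONEncoder.encode, protocol=4)

if __name__ == "__main__":
    for label, blob in [("allowed", SAMPLE_ALLOWED),
                        ("builtin", SAMPLE_BUILTIN),
                        ("dotted", SAMPLE_DOTTED)]:
        print(label, "->", check(blob))
```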