Vulnerability Details CVE-2026-22612
Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.9%
CVSS Severity
CVSS v3 Score 7.8
References
- https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf
- https://github.com/trailofbits/fickling/releases/tag/v0.1.7
- https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63
- https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63
Products affected by CVE-2026-22612
-
cpe:2.3:a:trailofbits:fickling:0.0.1
-
cpe:2.3:a:trailofbits:fickling:0.0.2
-
cpe:2.3:a:trailofbits:fickling:0.0.3
-
cpe:2.3:a:trailofbits:fickling:0.0.4
-
cpe:2.3:a:trailofbits:fickling:0.0.5
-
cpe:2.3:a:trailofbits:fickling:0.0.6
-
cpe:2.3:a:trailofbits:fickling:0.0.7
-
cpe:2.3:a:trailofbits:fickling:0.0.8
-
cpe:2.3:a:trailofbits:fickling:0.1.0
-
cpe:2.3:a:trailofbits:fickling:0.1.1
-
cpe:2.3:a:trailofbits:fickling:0.1.2
-
cpe:2.3:a:trailofbits:fickling:0.1.3
-
cpe:2.3:a:trailofbits:fickling:0.1.4
-
cpe:2.3:a:trailofbits:fickling:0.1.5
-
cpe:2.3:a:trailofbits:fickling:0.1.6