See our SECURITY.txt for our policy on vulnerability disclosures.
Security: trailofbits/fickling
Security
SECURITY.md
-
ctypes and pydoc gadget chain to bypass detectionGHSA-5hvc-6wx8-mvv4 published
Jan 9, 2026 by thomas-chauchefoin-tobHigh -
Detection bypass due to "builtins" blindnessGHSA-h4rm-mm56-xf63 published
Jan 9, 2026 by thomas-chauchefoin-tobHigh -
Static Analysis Bypass via Incomplete Dangerous Module BlocklistGHSA-q5qq-mvfm-j35x published
Jan 9, 2026 by thomas-chauchefoin-tobHigh -
Fickling Blocklist Bypass: cProfile.run()GHSA-p523-jq9w-64x9 published
Jan 9, 2026 by thomas-chauchefoin-tobHigh -
Bypass via runpy.run_path() and runpy.run_module()GHSA-wfq2-52f7-7qvj published
Jan 9, 2026 by thomas-chauchefoin-tobHigh -
Bypass via marshal.loads() and types.FunctionType()GHSA-565g-hwwr-4pp3 published
Dec 15, 2025 by securingdevHigh -
Bypass via pty.spawn()GHSA-r7v6-mfhq-g3m2 published
Dec 15, 2025 by securingdevHigh
Learn more about advisories related to trailofbits/fickling in the GitHub Advisory Database