Regular Expression Denial Of Service (ReDoS)

transformers is vulnerable to a Regular Expression Denial Of Service ReDoS. The vulnerability is due to the douseweightdecay method in the AdamWeightDecay optimizer processing user-controlled regular expressions in the includeinweightdecay and excludefromweightdecay lists, which allows an attacke...

EUVD-2025-30889

Malicious code in bioql PyPI...

SUSE CVE-2025-6921

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

GHSA-4W7R-H757-3R74 Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

CVE-2025-6921

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

CVE-2025-6921

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

CVE-2025-6921

CVE-2025-6921 affects the huggingface/transformers library prior to 4.53.0, causing a Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer via unsafe handling in _do_use_weight_decay of include_in_weight_decay/exclude_from_weight_decay. IBM Maximo Application Suite Monito...

Regular Expression Denial of Service (ReDoS) in AdamWeightDecay Optimizer

The AdamWeightDecay optimizer is vulnerable to Regular Expression Denial of Service ReDoS. If an attacker can control the patterns in the includeinweightdecay or excludefromweightdecay lists, they can provide a malicious regular expression that causes catastrophic backtracking. When the optimizer...