CVE-2025-6051

A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library’s EnglishNormalizer.normalizenumbers method of the CLVP model. Maliciously crafted long numeric strings cause excessive CPU usage due to inefficient regex processing, leading to...

Hugging Face Transformers 安全漏洞

Hugging Face Transformers is Hugging Face's open source advanced natural language processing for Jax, PyTorch and TensorFlow. A security vulnerability exists in Hugging Face Transformers version 4.52.4 and earlier, which stems from the mishandling of numeric strings in the normalizenumbers method...