CVE
added 2026/02/27 9:40 p.m. | 25 views

CVE-2026-27167

Gradio, in versions 4.16.0 through 6.5.x, running outside Hugging Face Spaces enables mocked OAuth routes when OAuth components are used. Visiting /login/huggingface causes the server to fetch its HF token via huggingface_hub.get_token() and store it in the visitor’s session cookie, which is sig...

CVSS 5.9 | AI score 6 | EPSS 0.00453
Exploits 1 | References 1 | Affected software 1
Cvelist
added 2026/02/27 9:40 p.m. | 21 views

CVE-2026-27167 Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. gr.LoginButton) are used. When a user visi...

EPSS 0.00453
Exploits 1 | References 1
OSV
added 2026/02/27 9:40 p.m. | 5 views

CVE-2026-27167 Gradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. gr.LoginButton) are used. When a user visi...

AI score 6 | EPSS 0.00453
Exploits 1 | References 3
Positive Technologies
added 2026/02/27 12:00 a.m. | 9 views

PT-2026-22414

Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 6.6.0. Description: Gradio is a Python package for rapid prototyping. A flaw exists in the OAuth flow where the redirect to target function does not properly validate the target url query parameter. This allows redirecti...

CVSS 4.3 | AI score 6 | EPSS 0.00232
Exploits 0 | References 5
Packet Storm News
added 2026/02/23 12:00 a.m. | 2 views

SafePickle: Robust and Generic ML Detection of Malicious Pickle-Based ML Models

Model repositories such as Hugging Face increasingly distribute machine learning artifacts serialized with Python's pickle format, exposing users to remote code execution (RCE) risks during model loading. Recent defenses, such as PickleBall, rely on per-library policy synthesis that requires comple...

AI score 6.6
Exploits 0
Github Security Blog
added 2026/02/18 3:31 p.m. | 21 views

Hugging Face Smolagents has a Server-Side Request Forgery issue

A weakness has been identified in huggingface smolagents 1.24.0. The affected function is requests.get/requests.post in the LocalPythonExecutor component. Manipulation of this function can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made...

CVSS 9.8 | AI score 5.5 | EPSS 0.00379
Exploits 1 | References 7 | Affected software 1
OSV
added 2026/02/18 3:31 p.m. | 4 views

GHSA-JXGV-6J54-WWC7 Hugging Face Smolagents has a Server-Side Request Forgery issue

A weakness has been identified in huggingface smolagents 1.24.0. The affected function is requests.get/requests.post in the LocalPythonExecutor component. Manipulation of this function can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made...

CVSS 6.3 | AI score 6.3 | EPSS 0.00379
Exploits 1 | References 7
CNNVD
added 2026/02/18 12:00 a.m. | 7 views

NVIDIA Megatron Bridge Code Injection Vulnerability

NVIDIA Megatron Bridge is a component developed by NVIDIA Corporation in the United States that connects Hugging Face and Megatron-Core. NVIDIA Megatron Bridge has a code injection vulnerability. This vulnerability arises from malicious inputs in the data shuffling tutorial, which may lead to cod...

CVSS 7.8 | AI score 5.9 | EPSS 0.00201
Exploits 0 | References 3
CNNVD
added 2026/02/18 12:00 a.m. | 7 views

NVIDIA Megatron Bridge Code Injection Vulnerability

NVIDIA Megatron Bridge is a component developed by NVIDIA Corporation in the United States that connects Hugging Face and Megatron-Core. NVIDIA Megatron Bridge has a code injection vulnerability. This vulnerability arises from malicious inputs in the data merging process, which may lead to code...

CVSS 7.8 | AI score 5.8 | EPSS 0.00197
Exploits 0 | References 3
Github Security Blog
added 2026/02/02 12:31 p.m. | 6 views

Hugging Face Text Generation Inference vulnerable to Uncontrolled Resource Consumption

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...

CVSS 7.5 | AI score 5.5 | EPSS 0.23718
Exploits 0 | References 4 | Affected software 1
OSV
added 2026/02/02 12:31 p.m. | 5 views

GHSA-J7X9-7J54-2V3H Hugging Face Text Generation Inference vulnerable to Uncontrolled Resource Consumption

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...

CVSS 7.5 | AI score 7.4 | EPSS 0.23718
Exploits 0 | References 4
CVE
added 2026/02/02 10:36 a.m. | 17 views

CVE-2026-0599

CVE-2026-0599 concerns huggingface/text-generation-inference version 3.3.6, where unauthenticated attackers can trigger a resource-exhaustion DoS via unbounded external image fetching during input validation in VLM mode. The router scans inputs for Markdown image links and issues a blocking HTTP ...

CVSS 7.5 | AI score 5.5 | EPSS 0.23718
Exploits 0 | References 2
Packet Storm News
added 2025/12/29 12:00 a.m. | 7 views

Securing the AI Supply Chain: What Can We Learn from Developer-Reported Security Issues and Solutions of AI Projects?

The rapid growth of Artificial Intelligence (AI) models and applications has led to an increasingly complex security landscape. Developers of AI projects must contend not only with traditional software supply chain issues but also with novel, AI-specific security threats. However, little is known...

AI score 6.9
Exploits 0
RedhatCVE
added 2025/12/24 9:19 p.m. | 5 views

CVE-2025-14931

Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication is not required to exploit this...

CVSS 10 | AI score 8 | EPSS 0.0083
Exploits 0 | References 1
RedhatCVE
added 2025/12/24 6:18 p.m. | 7 views

CVE-2025-14928

A flaw was found in the Hugging Face Transformers library. The convertconfig function fails to validate a user-supplied string before using it to execute Python code. An attacker can exploit this flaw by providing a malicious HuBERT model checkpoint, causing arbitrary code execution in the contex...

CVSS 8.8 | AI score 8 | EPSS 0.00278
Exploits 0 | References 4
RedhatCVE
added 2025/12/24 6:18 p.m. | 10 views

CVE-2025-14927

A flaw was found in the Hugging Face Transformers library. The convertconfig function fails to validate a user-supplied string before using it to execute Python code. An attacker can exploit this flaw by providing a malicious SEW-D model checkpoint, causing arbitrary code execution in the context...

CVSS 8.8 | AI score 8 | EPSS 0.00278
Exploits 0 | References 4
RedhatCVE
added 2025/12/24 6:18 p.m. | 11 views

CVE-2025-14924

A flaw was found in the Hugging Face Transformers library. The parsing of checkpoints fails to validate user-supplied data, causing a deserialization of untrusted data. An attacker can exploit this issue by providing a malicious megatrongpt2 model, resulting in arbitrary code execution in the...

CVSS 8.8 | AI score 8 | EPSS 0.00262
Exploits 0 | References 4
RedhatCVE
added 2025/12/24 6:18 p.m. | 10 views

CVE-2025-14920

A flaw was found in the Hugging Face Transformers library. The parsing of model files fails to validate user-supplied data, causing a deserialization of untrusted data. An attacker can exploit this issue by providing a malicious Perceiver model or convincing a user to visit a malicious page,...

CVSS 8.8 | AI score 7.9 | EPSS 0.00262
Exploits 0 | References 4
RedhatCVE
added 2025/12/24 6:18 p.m. | 6 views

CVE-2025-14921

A flaw was found in the Hugging Face Transformers library. The parsing of model files fails to validate user-supplied data, causing a deserialization of untrusted data. An attacker can exploit this issue by providing a malicious Transformer-XL model, resulting in arbitrary code execution in the...

CVSS 8.8 | AI score 7.9 | EPSS 0.00262
Exploits 0 | References 4
RedhatCVE
added 2025/12/24 4:17 p.m. | 11 views

CVE-2025-14922

A flaw was found in Hugging Face Diffusers. This vulnerability allows remote attackers to execute arbitrary code on affected installations. Exploitation requires user interaction, where a target must visit a malicious page or open a malicious file. The issue stems from improper validation of...

CVSS 7.8 | AI score 7.6 | EPSS 0.00315
Exploits 0 | References 4