134 matches found
CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading
The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...
Astra Linux - уязвимость в assimp
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, resulting in an out-of-bounds read and potentially causing the application to crash...
EUVD-2026-29555
The CosyVoice project thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading process. When loading model files .pt from a user-specified directory via the --modeldir argument, the code uses torch.load without...
CVE-2026-31222
The Snorkel library prior to v0.10.0 contains an insecure deserialization vulnerability (CWE-502) in Trainer.load(), where model checkpoints are loaded with torch.load() without weights_only=True. This allows deserialization of arbitrary Python objects via Pickle, enabling remote code execution w...
CVE-2026-31224
The snorkel library thru v0.10.0 contains an insecure deserialization vulnerability CWE-502 in the MultitaskClassifier.load method of the MultitaskClassifier class. The method loads model weight files using torch.load without enabling the security-restrictive weightsonly=True parameter. This...
CVE-2026-31251
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...
CVE-2026-31251
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...
PT-2026-39636
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...
CVE-2026-31251
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its gRPC server component. When the server starts, it loads the speech synthesis model from a user-specified directory using torch.load without enabling the...
PT-2026-39637
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its model loading component. The framework uses torch.load to load model weight files e.g., llm.pt, flow.pt, hift.pt without enabling the security-restrictive...
Memory Allocation with Excessive Size Value
Overview org.apache.opennlp:opennlp-tools is an is a machine learning based toolkit for the processing of natural language text. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the AbstractModelReader class. An attacker can cause the application ...
Keras 3.13.0 Bulk Generator for Large-Scale HDF5 Shape Test Models
This script is a parallel batch generator designed to create multiple .keras model files using a thread pool. Each file is generated with a predefined set of large tensor shapes intended for stress testing or memory-impact evaluation in HDF5/Keras workflows...
sglang 安全漏洞
SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. SGLang has a security vulnerability. This vulnerability arises from loading model files that contain malicious tokenizer/chattemplate components. As a result, the Jinja2 chat...
EUVD-2026-8915
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...
CVE-2026-28225 Manyfold has IDOR in ModelFilesController
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...
CVE-2026-28225
Manyfold is exposed to an authorization bypass in older releases. Before version 0.133.1, the get_model method in ModelFilesController loads models with Model.find_param(params[:model_id]) without enforcing policy_scope(), bypassing Pundit authorization, unlike other controllers (e.g., ModelsCont...
CVE-2026-28225 Manyfold has IDOR in ModelFilesController
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...
CVE-2026-0875 MODEL File Parsing Out-of-Bounds Write
A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
EUVD-2026-0750
MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation...
Linux Distros Unpatched Vulnerability : CVE-2026-21452
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack...