Lucene search
K

124 matches found

Snyk
Snyk
added 2026/05/18 3:59 p.m.6 views

Deserialization of Untrusted Data

Overview chromadb is a Chroma. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the trustremotecode process. An attacker can execute arbitrary code on the server by sending a malicious model repository to the /api/v2/tenants/tenant/databases/db/collections...

10CVSS6.2AI score0.12387EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.10 views

chroma 代码注入漏洞

Chroma is an open-source AI data infrastructure tool developed by Chroma. Versions of Chroma 1.0.0 and later have a code injection vulnerability. This vulnerability stems from a pre-authentication code injection issue, allowing unauthenticated attackers to execute arbitrary code on the server by...

10CVSS6.3AI score0.12387EPSS
Exploits2References2
NVD
NVD
added 2026/05/14 5:16 p.m.13 views

CVE-2026-44827

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trustremotecode=True safeguard when loading pipelines from Hugging Face Hub repositories. The resolvecustompipelineandcls function in pipelineloadingutils.py...

8.8CVSS0.00562EPSS
Exploits1References1
OSV
OSV
added 2026/05/14 5:16 p.m.12 views

PYSEC-2026-41

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trustremotecode=True safeguard when loading pipelines from Hugging Face Hub repositories. The resolvecustompipelineandcls function in pipelineloadingutils.py...

8.8CVSS6.5AI score0.00562EPSS
Exploits1References1
PyPA
PyPA
added 2026/05/14 5:16 p.m.13 views

PYSEC-2026-40

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/05/14 5:16 p.m.11 views

PYSEC-2026-40

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/14 4:33 p.m.38 views

CVE-2026-44827 Diffusers: None.py Trust Remote Code Bypass

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trustremotecode=True safeguard when loading pipelines from Hugging Face Hub repositories. The resolvecustompipelineandcls function in pipelineloadingutils.py...

8.8CVSS0.00562EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:33 p.m.11 views

CVE-2026-44827 Diffusers: None.py Trust Remote Code Bypass

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trustremotecode=True safeguard when loading pipelines from Hugging Face Hub repositories. The resolvecustompipelineandcls function in pipelineloadingutils.py...

8.8CVSS6.5AI score0.00562EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/14 4:26 p.m.67 views

EUVD-2026-30334

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:26 p.m.7 views

CVE-2026-44513

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/14 4:26 p.m.8 views

CVE-2026-44513 Diffusers: `trust_remote_code` bypass via `custom_pipeline` and local custom components

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References1
CVE
CVE
added 2026/05/14 4:26 p.m.22 views

CVE-2026-44513

Diffusers 0.38.0 fixes a trust_remote_code bypass in DiffusionPipeline.from_pretrained that allowed arbitrary remote code execution when using custom_pipeline or local snapshots. Root cause: the security gate was checked inside DiffusionPipeline.download(), but some code paths bypassed download()...

8.8CVSS6.5AI score0.00865EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.9 views

diffusers 代码注入漏洞

diffusers is a generative model library for generating images, audio, and 3D molecular structures, open-sourced by Hugging Face. Versions of diffusers prior to 0.38.0 contained a code injection vulnerability, which was caused by a bypass of trustremotecode, potentially allowing arbitrary remote...

8.8CVSS6.3AI score0.00865EPSS
Exploits1References1
OSV
OSV
added 2026/05/07 5:31 a.m.5 views

GHSA-98H9-4798-4Q5V Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components

Impact A trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variants, all sharing the same root cause — the trustremotecode gate was...

8.8CVSS6.6AI score0.00865EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2026/05/07 5:31 a.m.22 views

Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components

Impact A trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variants, all sharing the same root cause — the trustremotecode gate was...

8.8CVSS6.6AI score0.00865EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/05/07 2:24 a.m.6 views

GHSA-J7W6-VPVQ-J3GM Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components

Background This vulnerability is found in the DiffusionPipeline.frompretrained flow, which is used to load a pipeline from the HuggingFace Hub. This function accepts an optional custompipeline keyword argument: the name of a Python file in the repo that contains a custom class inheriting from...

8.8CVSS5.9AI score0.00562EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2026/05/07 2:24 a.m.14 views

Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components

Background This vulnerability is found in the DiffusionPipeline.frompretrained flow, which is used to load a pipeline from the HuggingFace Hub. This function accepts an optional custompipeline keyword argument: the name of a Python file in the repo that contains a custom class inheriting from...

8.8CVSS5.9AI score0.00562EPSS
Exploits1References7Affected Software1
Snyk
Snyk
added 2026/05/07 2:24 a.m.22 views

Arbitrary Code Injection

Overview diffusers is a State-of-the-art diffusion in PyTorch and JAX. Affected versions of this package are vulnerable to Arbitrary Code Injection in the frompretrained fucntion when a repository contains a None.py file and the custompipeline argument is not supplied. An attacker can execute...

8.8CVSS6.2AI score0.00865EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.16 views

PT-2026-39298

Name of the Vulnerable Software and Affected Versions Diffusers versions prior to 0.38.0 Description An issue exists in the DiffusionPipeline.from pretrained flow when loading pipelines from Hugging Face Hub repositories. The resolve custom pipeline and cls function in pipeline loading utils.py...

8.8CVSS6.4AI score0.00562EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/05/05 2:20 a.m.6 views

CVE-2026-7669

A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...

6.3CVSS6AI score0.00368EPSS
Exploits0References1
Rows per page
Query Builder