Lucene search
K

126 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 11:5 p.m.8 views

CVE-2026-46432 LMDeploy: Arbitrary code execution via hardcoded trust_remote_code=True in lmdeploy model initialization

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, LMDeploy is vulnerable to arbitrary code execution through hardcoded "trustremotecode=True" in multiple HuggingFace model-loading call sites. At time of publication, there are no...

7.8CVSS6.2AI score0.00142EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:5 p.m.36 views

CVE-2026-46432

CVE-2026-46432 (LMDeploy) affects lmdeploy

7.8CVSS6.2AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/07 8:58 p.m.18 views

CVE-2026-4944

A flaw was found in vllm-project/vllm. A hardcoded setting in the model implementation files bypasses the user's explicit security configuration, which is intended to prevent the execution of remote code. This allows a remote attacker to achieve remote code execution by providing a malicious mode...

8.8CVSS7.7AI score0.00747EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.10 views

CVE-2026-47117

OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher used broad substring matching on the user-supplied modelname parameter, allowing a value such as attacker/foo-privacy-filter-bar to route through a path...

9.8CVSS6.3AI score0.00915EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.11 views

CVE-2026-4372

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious config.json file containing the attnimplementationinternal field set to an attacker-controlled HuggingFac...

7.8CVSS8.1AI score0.00479EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/03 9:47 p.m.15 views

CVE-2026-5241

A flaw was found in python-transformers. An attacker can exploit this vulnerability by providing a malicious model repository. During model initialization, the trustremotecode parameter, intended to prevent remote code execution, is overridden by untrusted configuration data. This allows the...

9.6CVSS7.6AI score0.00519EPSS
Exploits1References5
NVD
NVD
added 2026/06/03 2:16 p.m.18 views

CVE-2026-5241

A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue arises because the trustremotecode parameter, intended to prevent remote code execution, is...

9.6CVSS0.00519EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:33 p.m.11 views

CVE-2026-5241

A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue arises because the trustremotecode parameter, intended to prevent remote code execution, is...

8CVSS7.9AI score0.00519EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.17 views

PT-2026-45946

Name of the Vulnerable Software and Affected Versions huggingface/transformers version 5.2.0 Description A flaw in the LightGlue model loading path allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue occurs because the trust remote code...

9.6CVSS8AI score0.00519EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Hugging Face Transformers 安全漏洞

Hugging Face Transformers is an open-source framework developed by Hugging Face for defining state-of-the-art machine learning models. It covers text, visual, audio, and multimodal models, and can be used for both inference and training. Version 5.2.0 of Hugging Face Transformers contains a...

9.6CVSS8.1AI score0.00519EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/02 2:15 p.m.10 views

EUVD-2026-33942

OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher used broad substring matching on the user-supplied modelname parameter, allowing a value such as attacker/foo-privacy-filter-bar to route through a path...

9.8CVSS6.5AI score0.00915EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/02 2:15 p.m.9 views

CVE-2026-47117

OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher used broad substring matching on the user-supplied modelname parameter, allowing a value such as attacker/foo-privacy-filter-bar to route through a path...

9.8CVSS6.5AI score0.00915EPSS
Exploits0References5
CVE
CVE
added 2026/06/02 2:15 p.m.34 views

CVE-2026-47117

OpenMed prior to version 1.5.2 is affected by a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher uses broad substring matching on the user-supplied model_name, enabling a value like attacker/foo-privacy-filter-bar to route to a path t...

9.8CVSS6.5AI score0.00915EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/28 6:4 p.m.10 views

CVE-2026-4944 Hardcoded trust_remote_code=True in vllm-project/vllm Bypasses User Security Control

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

8.8CVSS7.9AI score0.00747EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 6:4 p.m.16 views

EUVD-2026-32979

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

8.8CVSS7.9AI score0.00747EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 6:4 p.m.14 views

CVE-2026-4944

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

9.8CVSS7.4AI score0.00747EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.23 views

vLLM 安全漏洞

vLLM is an open-source LLM-based inference and service engine that features high throughput and efficient memory usage. Version vLLM 0.14.1 contains a security vulnerability caused by the hardcoding of the trustremotecode=True parameter, which may lead to remote code execution...

8.8CVSS7.6AI score0.00747EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44487

vllm-project/vllm version 0.14.1 contains a vulnerability where the trust remote code=True parameter is hardcoded in two model implementation files vllm/model executor/models/nemotron vl.py and vllm/model executor/models/kimi k25.py. This bypasses the user's explicit --trust-remote-code=False...

8.8CVSS7.9AI score0.00747EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.13 views

CVE-2026-5817

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1
OSV
OSV
added 2026/05/26 1:30 p.m.3 views

GHSA-29PF-2H5F-8G72 HuggingFace transformers vulnerable to remote code execution

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious config.json file containing the attnimplementationinternal field set to an attacker-controlled HuggingFac...

7.8CVSS7.8AI score0.00479EPSS
Exploits1References4
Rows per page
Query Builder