CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

FastChat 代码问题漏洞

FastChat is an open source platform from LMSYS for training, deploying and evaluating chatbots based on large language models. A code issue vulnerability exists in FastChat version 0.2.36 and earlier, which stems from a deserialization issue in the splitfiles/applydeltalowcpumem function in the...