CVE-2025-14925

CVE-2025-14925 affects Hugging Face Accelerate. The vulnerability stems from improper validation during parsing of checkpoints, enabling deserialization of untrusted data. An attacker can trigger remote code execution by convincing a user to visit a malicious page or open a crafted file, with cod...

CVE-2025-14924 Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers megatrongpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in...