Lucene search
K

4 matches found

PyPA
PyPA
added 2025/12/23 9:15 p.m.9 views

PYSEC-2025-216

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.6AI score0.00278EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/23 9:15 p.m.4 views

CVE-2025-14928

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS6.5AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/23 9:4 p.m.12 views

CVE-2025-14928 Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability

Hugging Face Transformers HuBERT convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

7.8CVSS7.5AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 2025/12/23 9:4 p.m.15 views

CVE-2025-14928

CVE-2025-14928 – Hugging Face Transformers HuBERT convert_config code execution . A flaw in convert_config fails to validate a user-supplied string before using it to execute Python code, enabling arbitrary code execution when processing a malicious HuBERT checkpoint. Affected product: Hugging Fa...

7.8CVSS7.9AI score0.00278EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder