Lucene search
+L

232 matches found

RedhatCVE
RedhatCVE
added 2026/07/07 3:37 p.m.5 views

CVE-2026-54316

A flaw was found in Claude Code, an agentic coding tool. An attacker could exploit a misconfiguration in the tool's web request functionality, known as WebFetch, where the huggingface.co domain was pre-approved without proper path restrictions. By injecting untrusted content into a Claude Code...

9.1CVSS5.9AI score0.00403EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 3:6 a.m.9 views

Malicious code in zod-pino434 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 599a5d533bf699156b78f5296f643227bf3e43d8e46f2adabfe250205a05bd26 Package name zod-pino434 and package.json description Node.js integration layer for Autodesk Forge do not match the shipped code. On npm install, the...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 3:6 a.m.9 views

Malicious code in zod-pino444 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 560c3d47344d4da5dffac230236b5248d2f1856c221ffac7ff72d4e3b197957b Package [email protected] is a credential/secret harvester disguised behind a benign-sounding name. scripts/postinstall-agent.mjs is a...

6AI score
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.10 views

PYSEC-2026-406 mamba language model framework vulnerable to insecure deserialization when loading pre-trained models from HuggingFace Hub

The mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization CWE-502 when loading pre-trained models from HuggingFace Hub. The MambaLMHeadModel.frompretrained method uses torch.load to load the pytorchmodel.bin weight file without enabling the security-restrictive...

9.8CVSS6.1AI score0.00409EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-542 smolagents has Sandbox Escape Vulnerability in the local_python_executor.py Module

A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution RCE. The vulnerability stems from the localpythonexecutor.py module, which inadequately restricts Python code...

9.9CVSS7.9AI score0.18654EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/26 8:3 a.m.12 views

CVE-2026-41523

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. An unauthenticated attacker can exploit an assert-based security check during activation function loading. By publishing a malicious HuggingFace model, an attacker can achieve arbitrary code execution on the...

7.5CVSS6.4AI score0.00484EPSS
Exploits1References6
Veracode
Veracode
added 2026/06/24 5:32 a.m.11 views

Out Of Band Data Exfiltration

Claude Code is vulnerable to Out-of-Band Data Exfiltration. The vulnerability is due to the pre-approval of the hostname huggingface.co as a bare hostname for the WebFetch tool, where any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission...

9.1CVSS5.9AI score0.00403EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/23 5:6 p.m.7 views

CVE-2026-54316

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS5.9AI score0.00403EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 5:6 p.m.61 views

CVE-2026-54316

CVE-2026-54316 (Claude Code) affects Claude Code versions 0.2.54–2.1.162, fixed in 2.1.163. The WebFetch tool allowed any path on the pre-approved domain huggingface.co, enabling an attacker-controlled repository path to be fetched without prompts or --allowedTools restrictions. If an attacker ca...

9.1CVSS5.9AI score0.00403EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 5:6 p.m.39 views

CVE-2026-54316 Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS0.00403EPSS
Exploits0References1
OSV
OSV
added 2026/06/23 5:6 p.m.4 views

CVE-2026-54316 Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject ...

6CVSS6AI score0.00403EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 11:16 p.m.11 views

CVE-2026-41523

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLL...

7.5CVSS0.00484EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/06/22 10:18 p.m.6 views

CVE-2026-41523 vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLL...

7.5CVSS6.5AI score0.00484EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 10:18 p.m.9 views

CVE-2026-41523

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLL...

7.5CVSS6.5AI score0.00484EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/06/22 10:18 p.m.5 views

CVE-2026-41523 vLLM: Security Check Bypass via assert Statement in Activation Function Loading Allows Arbitrary Code Execution

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLL...

7.5CVSS6.6AI score0.00484EPSS
Exploits1References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 9:53 p.m.17 views

Malicious code in zod-pino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c536e5a7ee3d5542e1ac822b30ba4525e52b2ae0c964d0c2470468d91b9b41c8 The package is published under a name suggesting a Pino logger integration for Zod, but the tarball contents do not match that purpose and exhibit...

5.9AI score
Exploits0References7
OSV
OSV
added 2026/06/22 9:53 p.m.14 views

MAL-2026-6273 Malicious code in zod-pino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c536e5a7ee3d5542e1ac822b30ba4525e52b2ae0c964d0c2470468d91b9b41c8 The package is published under a name suggesting a Pino logger integration for Zod, but the tarball contents do not match that purpose and exhibit...

5.9AI score
Exploits0References7
OSV
OSV
added 2026/06/22 12:0 p.m.13 views

MAL-2026-6279 Malicious code in forge-jsx4 (npm)

forge-jsx4 is a remote access trojan RAT published to the public npm registry by the account rafaelsilva [email protected]. Versions 1.0.122 and 1.0.123 were published on June 21-22, 2026 as a reconstitution of the forge-jsx / forge-jsxy campaign, reusing the same command-and-control...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.12 views

Malicious code in forge-jsx4 (npm)

forge-jsx4 is a remote access trojan RAT published to the public npm registry by the account rafaelsilva [email protected]. Versions 1.0.122 and 1.0.123 were published on June 21-22, 2026 as a reconstitution of the forge-jsx / forge-jsxy campaign, reusing the same command-and-control...

5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/17 6:6 p.m.13 views

Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch

Because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject to --allowedTools restrictions. An attacker able to inject untrust...

9.1CVSS5.5AI score0.00403EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder