153 matches found

Cvelist
added 2026/04/22 1:4 p.m. | 24 views

CVE-2026-6859 Instructlab: instructlab: arbitrary code execution due to hardcoded `trust_remote_code=true`

A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from HuggingFace. This allows a remote attacker to achieve arbitrary Python code execution by convincing a user to run ilab train/download/generate with a specially crafted malicious model...

CVSS: 8.8 | EPSS: 0.00141
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/07 12:0 a.m. | 4 views

PT-2026-30804

Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ Client versions prior to 5.19.3, from 6.0.0 through 6.2.2; Apache ActiveMQ Broker versions prior to 5.19.3, from 6.0.0 through 6.2.2; Apache ActiveMQ All versions prior to 5.19.3, from 6.0.0 through 6.2.2. Description: An improper...

CVSS: 4.3 | AI score: 5.9 | EPSS: 0.00077
Exploits: 0 | References: 13
Github Security Blog
added 2026/04/03 3:46 a.m. | 3 views

Kedro: Path Traversal in versioned dataset loading via unsanitized version string

Impact: The `_get_versioned_path` method in kedro/io/core.py constructs filesystem paths by directly interpolating user-supplied version strings without sanitization. Because version strings are used as path components, traversal sequences such as ../ are preserved and can escape the intended versioned...

CVSS: 8.1 | AI score: 5.9 | EPSS: 0.00022
Exploits: 0 | References: 4 | Affected Software: 1
CNNVD
added 2026/03/31 12:0 a.m. | 3 views

LangChain Security Vulnerability

LangChain is an open-source framework developed by LangChain for creating applications powered by large language models (LLMs). Versions of LangChain prior to 1.2.22 contained security vulnerabilities. These vulnerabilities stemmed from multiple functions in `langchain_core.prompts.loading` that read...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.00035
Exploits: 2 | References: 3
CNNVD
added 2026/03/26 12:0 a.m. | 3 views

RATOC RAID Monitoring Manager for Windows Code Issue Vulnerability

RATOC RAID Monitoring Manager for Windows is a software developed by RATOC RAID in Japan, designed for monitoring and managing the RAID hard drive boxes it supports. RATOC RAID Monitoring Manager for Windows has a code vulnerability that stems from the installer loading DLLs from the current...

CVSS: 8.4 | AI score: 7.3 | EPSS: 0.00007
Exploits: 0 | References: 2
NVD
added 2026/03/24 9:16 p.m. | 1 views

CVE-2026-24150

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVSS: 7.8 | EPSS: 0.00074
Exploits: 0 | References: 3
CVE
added 2026/03/24 8:27 p.m. | 4 views

CVE-2026-24157

NVIDIA NeMo Framework contains a vulnerability in checkpoint loading that could allow remote code execution. An attacker could trigger code execution, privilege escalation, information disclosure, and data tampering. All platforms and versions prior to 2.6.2 are affected; update to version 2.6.2 ...

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.00135
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2026/03/24 8:24 p.m. | 5 views

CVE-2026-24150

NVIDIA Megatron-LM is affected by CVE-2026-24150 through a vulnerability in checkpoint loading that could allow an attacker to induce remote code execution by convincing a user to load a maliciously crafted file. The advisory indicates the vulnerability is addressed by updating Megatron LM to ver...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00074
Exploits: 0 | References: 3 | Affected Software: 1
CNNVD
added 2026/03/24 12:0 a.m. | 2 views

NVIDIA Megatron LM Code Issue Vulnerability

NVIDIA Megatron LM is a deep learning framework developed by NVIDIA Corporation for training large-scale language models and parallel computing. NVIDIA Megatron LM has code-related vulnerabilities; one of these vulnerabilities stems from a remote code execution vulnerability in quantitative...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.0036
Exploits: 0 | References: 3
Positive Technologies
added 2026/03/24 12:0 a.m. | 2 views

PT-2026-27509

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00074
Exploits: 0 | References: 4
PyPA
added 2026/03/18 2:16 a.m. | 8 views

PYSEC-2026-103

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in `onnx.hub.load` due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...

CVSS: 9.1 | AI score: 5.7 | EPSS: 0.00011
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2026/03/18 2:16 a.m. | 4 views

DEBIAN-CVE-2026-28500

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in `onnx.hub.load` due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...

CVSS: 9.1 | AI score: 5.3 | EPSS: 0.00011
Exploits: 0 | References: 1
OSV
added 2026/03/18 2:16 a.m. | 5 views

UBUNTU-CVE-2026-28500

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in `onnx.hub.load` due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...

CVSS: 9.1 | AI score: 5.7 | EPSS: 0.00011
Exploits: 0 | References: 3
Vulnrichment
added 2026/03/12 11:37 a.m. | 0 views

CVE-2026-3989

SGLang's `replay_request_dump.py` contains an insecure `pickle.load` without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attacker's code on the device running the script...

AI score: 7 | EPSS: 0.00018
Exploits: 0 | References: 4
CVE
added 2026/02/25 12:0 a.m. | 5 views

CVE-2025-69771

CVE-2025-69771 affects asbplayer v1.13.0; a flaw in the subtitle loading function allows arbitrary file upload, enabling arbitrary code execution. No exploitation details are provided in the supplied documents, and remediation information is not available here.

CVSS: 9.6 | AI score: 6.1 | EPSS: 0.00053
Exploits: 0 | References: 2 | Affected Software: 1
Github Security Blog
added 2026/02/18 10:41 p.m. | 4 views

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

Summary: TensorFlow / Keras continues to honor HDF5 “external storage” and ExternalLink features when loading weights. A malicious .weights.h5 or a .keras archive embedding such weights can direct `load_weights` to read from an arbitrary readable filesystem path. The bytes pulled from that path...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00014
Exploits: 0 | References: 7 | Affected Software: 1
Snyk
added 2026/02/18 3:31 p.m. | 2 views

Deserialization of Untrusted Data

Overview: nemo-toolkit is NeMo, a toolkit for Conversational AI. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the model loading process with `weights_only=False`. An attacker can execute arbitrary code, escalate privileges, disclose sensitive information...

CVSS: 8.8 | AI score: 5.9 | EPSS: 0.00337
Exploits: 0 | References: 2
Snyk
added 2026/02/11 11:39 p.m. | 3 views

External Control of File Name or Path

Overview: keras is a high-level neural networks API for Python. Affected versions of this package are vulnerable to External Control of File Name or Path via the model loading process when handling HDF5 files with external dataset references. An attacker can access arbitrary files and...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.00014
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/30 12:0 a.m. | 6 views

NVIDIA Linux GPU Display Driver (January 2026)

A display driver installed on the remote Linux host is affected by multiple vulnerabilities, including the following: - NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and da...

CVSS: 7.8 | AI score: 8.7 | EPSS: 0.0001
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/09 11:23 a.m. | 3 views

CVE-2021-31522

Kylin can receive user input and load any class through Class.forName.... This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.03405
Exploits: 0 | References: 1