2 matches found
GHSA-769V-P64C-89PR PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions
CVE-2025-1889 Summary Picklescan fails to detect hidden pickle files embedded in PyTorch model archives due to its reliance on file extensions for detection. This allows an attacker to embed a secondary, malicious pickle file with a non-standard extension inside a model archive, which remains...
Arbitrary Code Execution
Overview sentence-transformers is a State-of-the-Art Text Embeddings Affected versions of this package are vulnerable to Arbitrary Code Execution when loading PyTorch model files. The torch.load function, used without the weightsonly=True parameter, could deserialize malicious Python objects from...