Lucene search
K

1357 matches found

Cvelist
Cvelist
added 2026/05/22 7:28 p.m.12 views

CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/22 7:24 p.m.13 views

EUVD-2026-31493

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/22 7:24 p.m.9 views

CVE-2026-5817 Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS0.00224EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 7:24 p.m.14 views

CVE-2026-5817

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/22 7:24 p.m.7 views

CVE-2026-5817 Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1
CVE
CVE
added 2026/05/22 7:24 p.m.36 views

CVE-2026-5817

CVE-2026-5817 affects the vllm-metal backend used by Docker Model Runner on macOS. The backend loads model tokenizers with trust_remote_code=True, causing transformers.AutoTokenizer.from_pretrained() to import and execute arbitrary Python files from models pulled from an OCI registry. This can en...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploit
added 2026/05/22 4:30 p.m.101 views

Exploit for CVE-2026-5817

CVE-2026-5817: Docker Model Runner container-to-host RCE / Esc...

6.5AI score0.00224EPSS
Exploits1
Snyk
Snyk
added 2026/05/22 2:43 a.m.10 views

Malicious Package

Overview compliance-check-runner is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 1:53 a.m.10 views

Malicious code in compliance-check-runner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09baf2402c56bbf2219f28a1113df9b623522a17b3a199cf9a6d58f8cbb0b68a On npm install, the package's postinstall hook runs npx env-security-scanner@latest auditenvironment via childprocess.execSync, fetching and executin...

6.1AI score
Exploits0References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Docker Model Runner 安全漏洞

Docker Model Runner is an open-source Docker model runner developed by Docker. Docker Model Runner vllm-metal contains a security vulnerability. This vulnerability arises from setting trustremotecode=True without any sandbox protection. It may allow arbitrary Python files to be executed during...

8.8CVSS6.3AI score0.00224EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.17 views

PT-2026-42831

Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The MLX inference backend uses the MLX-LM library, which imports and executes arbitrary Python files from model directories via the model file configuration field in the...

8.8CVSS6.3AI score0.00224EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.19 views

PT-2026-42830

Name of the Vulnerable Software and Affected Versions Docker Model Runner on macOS affected versions not specified Description The vllm-metal inference backend unconditionally sets trust remote code=True when loading model tokenizers and operates without sandboxing. This allows the...

8.8CVSS6.4AI score0.00224EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Docker Model Runner 安全漏洞

Docker Model Runner is an open-source Docker model runner developed by Docker. There is a security vulnerability in Docker Model Runner MLX. This vulnerability stems from the unconditional import and execution of any Python file in the model directory. It may allow malicious models to be pulled...

8.8CVSS6.2AI score0.00224EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/05/20 7:17 p.m.11 views

CVE-2026-45570 vulnerabilities

Vulnerabilities for packages: argo-workflows, grype, amazon-ssm-agent-fips, external-secrets-operator-fips, grafana-alloy, pulumi-language-yaml, gitaly-fips, argo-events-fips, guac, coder-fips, redpanda-console, terragrunt-fips, gitea-fips, gitlab-runner-fips, nuclei, k9s, mapotf, cg, kyverno,...

9.6CVSS5.9AI score0.00365EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/20 7:17 p.m.9 views

GHSA-CRHJ-59GH-8X96 vulnerabilities

Vulnerabilities for packages: argo-workflows, grype, amazon-ssm-agent-fips, external-secrets-operator-fips, grafana-alloy, pulumi-language-yaml, gitaly-fips, argo-events-fips, guac, coder-fips, redpanda-console, terragrunt-fips, gitea-fips, gitlab-runner-fips, nuclei, k9s, mapotf, cg, kyverno,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/05/20 7:17 p.m.7 views

GHSA-M7CR-M3PV-HGRP vulnerabilities

Vulnerabilities for packages: argo-workflows, grype, amazon-ssm-agent-fips, external-secrets-operator-fips, grafana-alloy, pulumi-language-yaml, gitaly-fips, argo-events-fips, guac, coder-fips, redpanda-console, terragrunt-fips, gitea-fips, gitlab-runner-fips, nuclei, k9s, mapotf, cg, kyverno,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/05/20 7:17 p.m.15 views

CVE-2026-45571 vulnerabilities

Vulnerabilities for packages: argo-workflows, grype, amazon-ssm-agent-fips, external-secrets-operator-fips, grafana-alloy, pulumi-language-yaml, gitaly-fips, argo-events-fips, guac, coder-fips, redpanda-console, terragrunt-fips, gitea-fips, gitlab-runner-fips, nuclei, k9s, mapotf, cg, kyverno,...

5.4CVSS5.9AI score0.00297EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 7:25 p.m.12 views

Malicious code in venturo-playwright-runner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e63f5fe21c0fe70b9b120a217b3d1b14e765c47de231eb03d0d763c471fbd4e The package republishes Microsoft's @playwright/test under the unrelated name venturo-playwright-runner and falsifies its identity to claim Microsoft...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 7:8 p.m.12 views

Malicious code in venturo-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602d8b957dc823f0dd6ac61f115e23fce1b433683873a9f4f8351dcbe9a37035 Package presents itself as Microsoft's Playwright: package.json description 'A high-level API to automate web browsers' is Playwright's exact tagline...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/19 7:8 p.m.23 views

MAL-2026-4700 Malicious code in venturo-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 602d8b957dc823f0dd6ac61f115e23fce1b433683873a9f4f8351dcbe9a37035 Package presents itself as Microsoft's Playwright: package.json description 'A high-level API to automate web browsers' is Playwright's exact tagline...

5.9AI score
Exploits0References1
Rows per page
Query Builder