306 matches found
CVE-2026-58116
LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or Training interfaces. The application passes user-supplied model path input unvalidated into...
CVE-2026-58116 LLaMA-Factory 0.9.5 Remote Code Execution via WebUI Model Path
LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or Training interfaces. The application passes user-supplied model path input unvalidated into...
CVE-2026-58116
CVE-2026-58116 affects LLaMA-Factory up to version 0.9.5. A remote code execution vulnerability exists when a malicious model path is supplied via WebUI Chat/Training interfaces; unvalidated input is passed to AutoTokenizer.from_pretrained() and AutoModel.from_pretrained() with trust_remote_code=...
PYSEC-2026-387 LiteLLM has Server-Side Template Injection vulnerability in /completions endpoint
BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hfchattemplate method processing the chattemplate parameter from the tokenizerconfig.json file through the Jinja template engine without proper sanitization...
ngxray Vulnerability Scanner
ngxray is a static vulnerability scanner for nginx configurations. It parses configs with nginx's own tokenizer and matches against declarative JSON rules to detect known CVEs in rewrite/script engine directive patterns...
[SECURITY] Fedora 44 Update: sentencepiece-0.2.1-1.fc44
The SentencePiece is an unsupervised text tokenizer for Neural Network-based text generation. It is an unsupervised text tokenizer and detokenizer mainly for Neural Network-based text generation systems where the vocabulary size is predetermined prior to the neural model training. SentencePiece...
CVE-2026-47117
OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher used broad substring matching on the user-supplied modelname parameter, allowing a value such as attacker/foo-privacy-filter-bar to route through a path...
CVE-2026-47117
OpenMed before 1.5.2 contains a remote code execution vulnerability in the PII privacy-filter model loading path. The privacy-filter dispatcher used broad substring matching on the user-supplied modelname parameter, allowing a value such as attacker/foo-privacy-filter-bar to route through a path...
Cross-site Scripting (XSS)
Overview github.com/golang/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the readStartTag function in the Tokenizer. An attacker can cause the execution of scripts in the context of t...
Astra Linux – Vulnerability in Ruby-Nokogiri
A command injection vulnerability exists in Nokogiri v1.10.3 and earlier. This vulnerability allows commands to be executed in a subprocess via Ruby’s Kernel.open method. Processes become vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is called with unsafe user input ...
PT-2026-42045
Name of the Vulnerable Software and Affected Versions dasel versions 3.0.0 through 3.3.1 Description The selector lexer contains a flaw that leads to a non-terminating loop when tokenizing an unterminated regex pattern, such as r/. This occurs because the matchRegexPattern closure within the...
EUVD-2026-29084
OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...
CVE-2026-7816
OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...
PT-2026-38487
Summary Nokogiri's CSS selector tokenizer contains regular expressions whose construction may result in exponential regex backtracking on adversarial selectors. Three ReDoS vectors are addressed in this release: 1. String-literal tokenization on certain unterminated quoted-string input. 2...
CVE-2026-7669
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the gettokenizer function in the...
CVE-2026-7669
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...
CVE-2026-7669
Affected software: sgl-project SGLang (up to 0.5.9). The vulnerability targets the function get_tokenizer in python/sglang/srt/utils/hf_transformers_utils.py within the HuggingFace Transformer Handler. Root cause is deserialization triggered by input manipulation. Impact is remote execution with ...
CVE-2026-7669 sgl-project SGLang HuggingFace Transformer hf_transformers_utils.py get_tokenizer code injection
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...
CVE-2026-7669
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...