
28 matches found

OSV
added 2026/04/07 6:30 a.m. | 4 views

GHSA-69W3-R845-3855 HuggingFace Transformers allows for arbitrary code execution in the `Trainer` class

A vulnerability in the HuggingFace Transformers library, specifically in the Trainer class, allows for arbitrary code execution. The _load_rng_state method in src/transformers/trainer.py at line 3059 calls torch.load without the weights_only=True parameter. This issue affects all versions of the...

CVSS 6.5 | AI score 6.2 | EPSS 0.00023
Exploits: 1 | References: 5
CVE
added 2026/04/07 5:22 a.m. | 16 views

CVE-2026-1839

CVE-2026-1839 concerns the HuggingFace Transformers library, affecting the Trainer class. The root cause is an unsafe load in src/transformers/trainer.py: _load_rng_state() calls torch.load() without weights_only=True, which can allow arbitrary code execution when loading a malicious checkpoint (...

CVSS 7.8 | AI score 7 | EPSS 0.00023
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2026/04/07 5:22 a.m. | 21 views

CVE-2026-1839 Arbitrary Code Execution via Unsafe torch.load() in Trainer Checkpoint Loading in huggingface/transformers

A vulnerability in the HuggingFace Transformers library, specifically in the Trainer class, allows for arbitrary code execution. The _load_rng_state method in src/transformers/trainer.py at line 3059 calls torch.load without the weights_only=True parameter. This issue affects all versions of the...

CVSS 6.5 | EPSS 0.00023
Exploits: 1 | References: 2
vulnersOsv
added 2026/03/22 5:16 a.m. | 3 views

21cmpsdenoiser (>=1.0.0 <=1.0.2), 2404-segmentation-pipeline (>=0.1.0 <=1.0.0) +22343 more potentially affected by CVE-2026-4538 via torch (>=2.0.0 <=2.11.0)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.1.0.dev1, =0.1.5 and more Source cves: CVE-2026-4538 Source advisory: OSV:PYSEC-2026-139...

CVSS 7.8 | AI score 6 | EPSS 0.00026
Exploits: 0
vulnersOsv
added 2025/11/12 9:15 p.m. | 4 views

3d-rcnet (>=0.1.0 <=0.2.3), 4996 (>=0.1.0 <=0.1.1) +1368 more potentially affected by CVE-2025-63396 via torch (>=1.0.0 <=1.13.1)

torch PYPI version =1.0.0, =0.1.0, =0.1.0, =0.2.4, =0.0.1b1, =1.0.32, =0.0.3, =2.1.17, =0.0.0.dev1, =0.2.3, =0.4.0, =0.6.3 and more Source cves: CVE-2025-63396 Source advisory: OSV:PYSEC-2025-210...

CVSS 3.3 | AI score 6 | EPSS 0.0003
Exploits: 1
vulnersOsv
added 2025/09/25 4:15 p.m. | 4 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24662 more potentially affected by CVE-2025-55560 via torch (>=1.0.0 <=2.7.0)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-55560 Source advisory: OSV:PYSEC-2025-209...

CVSS 7.5 | AI score 5.8 | EPSS 0.00159
Exploits: 0
vulnersOsv
added 2025/09/25 4:15 p.m. | 4 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24855 more potentially affected by CVE-2025-55552 via torch (>=1.0.0 <=2.8.0)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-55552 Source advisory: OSV:PYSEC-2025-204...

CVSS 7.5 | AI score 6 | EPSS 0.00109
Exploits: 0
vulnersOsv
added 2025/09/25 3:43 p.m. | 3 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23686 more potentially affected by CVE-2025-55552 via torch (>=2.0.0 <=2.8.0)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55552 Source advisory: SNYK:PYTHON-TORCH-13052971...

CVSS 7.5 | AI score 6 | EPSS 0.00109
Exploits: 0
vulnersOsv
added 2025/09/25 3:43 p.m. | 2 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23579 more potentially affected by CVE-2025-55553 via torch (>=2.0.0 <=2.7.1)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55553 Source advisory: SNYK:PYTHON-TORCH-13052994...

CVSS 7.5 | AI score 5.8 | EPSS 0.00068
Exploits: 0
vulnersOsv
added 2025/09/25 3:42 p.m. | 4 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23579 more potentially affected by CVE-2025-55557 via torch (>=2.0.0 <=2.7.1)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55557 Source advisory: SNYK:PYTHON-TORCH-13052977...

CVSS 7.5 | AI score 5.8 | EPSS 0.00068
Exploits: 0
vulnersOsv
added 2025/09/25 3:16 p.m. | 3 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24855 more potentially affected by CVE-2025-55551 via torch (>=1.0.0 <=2.8.0)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-55551 Source advisory: OSV:PYSEC-2025-203...

CVSS 7.5 | AI score 6.4 | EPSS 0.00112
Exploits: 0
vulnersOsv
added 2025/09/25 3:16 p.m. | 5 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24626 more potentially affected by CVE-2025-46148 via torch (>=1.0.0 <=2.6.0)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-46148 Source advisory: OSV:PYSEC-2025-198...

CVSS 5.3 | AI score 5.8 | EPSS 0.00076
Exploits: 0
vulnersOsv
added 2025/09/25 12:0 a.m. | 1 view

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23579 more potentially affected by CVE-2025-55558 via torch (>=2.0.0 <=2.7.1)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55558 Source advisory: SNYK:PYTHON-TORCH-13052818...

CVSS 7.5 | AI score 5.8 | EPSS 0.00117
Exploits: 0
vulnersOsv
added 2025/09/25 12:0 a.m. | 1 view

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23686 more potentially affected by CVE-2025-55551 via torch (>=2.0.0 <=2.8.0)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55551 Source advisory: SNYK:PYTHON-TORCH-13052805...

CVSS 7.5 | AI score 6.4 | EPSS 0.00112
Exploits: 0
GitHub Security Blog
added 2025/06/27 3:27 p.m. | 7 views

LLaMA-Factory allows Code Injection through improper vhead_file safeguards

Summary: A critical remote code execution vulnerability was discovered during the Llama Factory training process. This vulnerability arises because the vhead_file is loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passi...

CVSS 9.8 | AI score 8.1 | EPSS 0.04222
Exploits: 1 | References: 4 | Affected Software: 1
vulnersOsv
added 2025/04/18 3:19 p.m. | 4 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24471 more potentially affected by CVE-2025-32434 via torch (>=1.0.0 <=2.5.1)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-32434 Source advisory: OSV:GHSA-53Q9-R3PM-6PQ6...

CVSS 9.8 | AI score 7.4 | EPSS 0.0043
Exploits: 1
vulnersOsv
added 2025/04/16 9:30 p.m. | 3 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23579 more potentially affected by CVE-2025-3730 via torch (>=2.0.0 <=2.7.1)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-3730 Source advisory: SNYK:PYTHON-TORCH-9726944...

CVSS 5.5 | AI score 5.8 | EPSS 0.00017
Exploits: 1
vulnersOsv
added 2025/04/03 4:15 a.m. | 3 views

3d-rcnet (>=0.1.0 <=0.2.3), 4996 (>=0.1.0 <=0.1.1) +1368 more potentially affected by CVE-2025-3136 via torch (>=1.0.0 <=1.13.1)

torch PYPI version =1.0.0, =0.1.0, =0.1.0, =0.2.4, =0.0.1b1, =1.0.32, =0.0.3, =2.1.17, =0.0.0.dev1, =0.2.3, =0.4.0, =0.6.3 and more Source cves: CVE-2025-3136 Source advisory: OSV:PYSEC-2025-197...

CVSS 4.8 | AI score 5.8 | EPSS 0.00061
Exploits: 1
vulnersOsv
added 2025/04/02 10:42 p.m. | 3 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24928 more potentially affected by CVE-2025-3121 via torch (>=1.0.0 <=2.9.1)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.10 and more Source cves: CVE-2025-3121 Source advisory: SNYK:PYTHON-TORCH-10337834...

CVSS 5.5 | AI score 5.8 | EPSS 0.00087
Exploits: 1
vulnersOsv
added 2025/03/31 4:15 p.m. | 5 views

3d-rcnet (>=0.1.0 <=0.2.3), 4996 (>=0.1.0 <=0.1.1) +1368 more potentially affected by CVE-2025-3001 via torch (>=1.0.0 <=1.13.1)

torch PYPI version =1.0.0, =0.1.0, =0.1.0, =0.2.4, =0.0.1b1, =1.0.32, =0.0.3, =2.1.17, =0.0.0.dev1, =0.2.3, =0.4.0, =0.6.3 and more Source cves: CVE-2025-3001 Source advisory: OSV:PYSEC-2025-195...

CVSS 5.3 | AI score 6 | EPSS 0.0015
Exploits: 0