Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2026/05/24 1:40 p.m.52 views

CVE-2026-4372

CVE-2026-4372 affects HuggingFace transformers prior to 5.3.0. A malicious config.json can set _attn_implementation_internal to an attacker-controlled HuggingFace Hub repo ID. When a victim loads a model with AutoModelForCausalLM.from_pretrained(), the library downloads and executes arbitrary Pyt...

7.8CVSS7.8AI score0.00479EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blogadded 2025/08/12 7:33 p.m.14 views

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

Summary It is possible to bypass the mitigation introduced in response to CVE-2025-1550, when an untrusted Keras v3 model is loaded, even when “safemode” is enabled, by crafting malicious arguments to built-in Keras modules. The vulnerability is exploitable on the default configuration and does n...

9.8CVSS8.2AI score0.02803EPSS
Exploits3References7Affected Software1
Rows per page
Query Builder