CVE-2026-46517

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

PT-2022-26788 · Lief · Lief

Name of the Vulnerable Software and Affected Versions: LIEF versions prior to 0.12.3 Description: A heap buffer overflow in the parse dyldinfo generic bind function of LIEF's BinaryParser allows attackers to cause a Denial of Service DoS via a crafted MachO file. Recommendations: For versions pri...

@balderdash/sails-edge (>=0.12.0-edge9 <=0.50.0), @fahslaj/test-1 (>=1.0.0 <=1.0.12) +96 more potentially affected by CVE-2018-21036 via sails-hook-sockets (>=0.12.3 <=1.4.3)

sails-hook-sockets NPM version =0.12.3, =0.12.0-edge9, =1.0.0, =1.1.8, =0.0.0, =0.0.0, =1.2.0, =1.2.26 - ctartist621-sails =0.12.3 and more Source cves: CVE-2018-21036 Source advisory: OSV:GHSA-F7F4-HQP2-7PRC...