CVE-2025-14930

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

CVE-2025-14930 Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

CVE-2025-14930

CVE-2025-14930 affects Hugging Face Transformers GLM4: the vulnerability is in the weight parsing/ deserialization of untrusted data, allowing arbitrary code execution in the current user context when a user processes a malicious GLM4 model or file. Root cause: insufficient validation during pars...

Hugging Face Transformers 代码问题漏洞

Hugging Face Transformers is a Hugging Face open source framework for defining state-of-the-art machine learning models covering textual, visual, audio, and multimodal models for inference and training. A code issue vulnerability exists in Hugging Face Transformers that stems from a lack of...