200 matches found
EUVD-2025-0192
Malicious code in bioql PyPI...
EUVD-2025-27461
Malicious code in bioql PyPI...
PT-2026-5024
Name of the Vulnerable Software and Affected Versions PyTorch versions prior to 2.10.0 Description PyTorch, a Python package for tensor computation, has an issue in its weights only unpickler. An attacker can create a malicious checkpoint file .pth that, when loaded using torch.load..., weights...
CVE-2025-58756
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, in modeldict = torch.loadfullpath, maplocation=torch.devicedevice, weightsonly=True in monai/bundle/scripts.py , weightsonly=True is loaded securely. However, insecure loading method...
GHSA-9W53-XR52-MWGJ SGLang Remote Code Execution Vulnerability via Unsafe Deserialization in update_weights_from_tensor
A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...
SGLang Remote Code Execution Vulnerability via Unsafe Deserialization in update_weights_from_tensor
A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...
Deserialization of Untrusted Data
Overview monai is an AI Toolkit for Healthcare Imaging Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the load function in the bundle/scripts.py file, which uses torch.load with weightsonly=True parameter. An attacker can execute arbitrary commands by...
Deserialization of Untrusted Data
Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the main function in the /updateweightsfromtensor process in...
CVE-2025-10164
A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /updateweightsfromtensor. The manipulation of the argument serializednamedtensors results in deserialization. The attack can be launched remotely. The exploit has been releas...
CVE-2025-10164
CVE-2025-10164 affects lmsys sglang 0.4.6. The vulnerability is in the main function of the file /update_weights_from_tensor, where manipulation of the serialized_named_tensors input enables deserialization, allowing remote exploitation. Public exploits exist and the vendor was unresponsive. Publ...
LMSYS SGLang 代码问题漏洞
LMSYS SGLang is a large language model inference engine from LMSYS open source. A code issue vulnerability exists in LMSYS SGLang version 0.4.6, which stems from a misbehavior of the parameter serializednamedtensors of the function main in the file /updateweightsfromtensor resulting in...
PT-2025-36911
Name of the Vulnerable Software and Affected Versions lmsys sglang version 0.4.6 Description A security flaw exists in lmsys sglang version 0.4.6. The issue involves the main function within the /update weights from tensor file, which is susceptible to deserialization due to manipulation of the...
Linux Distros Unpatched Vulnerability : CVE-2025-32434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In...
A Novel Post-Quantum Secure Digital Signature Scheme Based on Neural Network
Digital signatures are fundamental cryptographic primitives that ensure the authenticity and integrity of digital documents. In the post-quantum era, classical public key-based signature schemes become vulnerable to brute-force and key-recovery attacks due to the computational power of quantum...
Dependacy chain attack through hijacking broken github repository at https://github.com/huggingface/transformers/blob/main/src/\ntransformers/models/fuyu/\nconvert_fuyu_model_weights_to_hf.py
Description Type: Dependency Chain Attack through hijacking broken github repository Risk: High Allows arbitrary code execution in model conversion workflows Affected Asset: https://github.com/adept-ai-labs/adept-inference Broken URL in Hugging Face Transformers Root Cause The Hugging Face...
GHSA-XJ56-P8MM-QMXJ LLaMA-Factory allows Code Injection through improper vhead_file safeguards
Summary A critical remote code execution vulnerability was discovered during the Llama Factory training process. This vulnerability arises because the vheadfile is loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passi...
ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks
Bit-flip attacks BFAs represent a serious threat to Deep Neural Networks DNNs, where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...
Differentially Private Distribution Release of Gaussian Mixture Models Via KL-Divergence Minimization
Gaussian Mixture Models GMMs are widely used statistical models for representing multi-modal data distributions, with numerous applications in data mining, pattern recognition, data simulation, and machine learning. However, recent research has shown that releasing GMM parameters poses significan...
CVE-2023-25675
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...
A Weighted Byzantine Fault Tolerance Consensus Driven Trusted Multiple Large Language Models Network
Large Language Models LLMs have achieved remarkable success across a wide range of applications. However, individual LLMs often produce inconsistent, biased, or hallucinated outputs due to limitations in their training corpora and model architectures. Recently, collaborative frameworks such as th...