30 matches found
CVE-2024-11394
Summary of affected IBM products and CVEs (CVE-2024-11392 / 11393 / 11394): Multiple IBM security bulletins report that Hugging Face Transformers deserialization vulnerabilities may allow remote code execution (RCE) when user-supplied model files are deserialized without proper validation. The CVE...
CVE-2024-11393
CVE-2024-11393 (MaskFormer) is a deserialization-based remote code execution in Hugging Face Transformers. The issue arises from untrusted data in model file parsing, enabling code execution on the caller’s context after user interaction. Public advisories in connected IBM/IBM Cloud Pak for Data ...
CVE-2024-11392
CVE-2024-11392 is a deserialization-based remote code execution vulnerability in Hugging Face Transformers that IBM-related bulletins connect to. In the connected IBM advisories, exploitation pertains to multiple IBM products using Transformers components, notably: IBM Watson Speech Services Cart...
CVE-2024-12720
CVE-2024-12720 affects Hugging Face Transformers, in particular the file tokenization_nougat_fast.py within the post_process_single() function. The issue is a RegEx that can exhibit exponential backtracking, leading to high CPU usage and potential DoS under crafted input. Affected version cited: ...
CVE-2025-1194
CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer): The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...
CVE-2024-3568
The CVE-2024-3568 issue affects the Hugging Face Transformers library, where an unsafe deserialization in TFPreTrainedModel.load_repo_checkpoint() uses pickle.load() on data from untrusted sources, enabling remote code execution via a malicious checkpoint. Documented impact targets Transformers v...
CVE-2025-3777
CVE-2025-3777: In Hugging Face Transformers, versions up to 4.49.0 are affected by improper input validation in image_utils.py due to insecure URL validation with startswith(), bypassable via URL username injection. Attackers could craft URLs that appear to be from YouTube but resolve to malicio...
CVE-2025-5197
The CVE-2025-5197 ReDoS vulnerability affects Hugging Face Transformers in the convert_tf_weight_name_to_pt_weight_name() function, where the regex /[^/]*___([^/]*)/ can cause excessive CPU usage via catastrophic backtracking. Affected versions: up to 4.51.3, with a fix in 4.53.0. Practical impact...
CVE-2023-2800
CVE-2023-2800 affects Hugging Face Transformers (prior to 4.30.0). Insecure temporary file creation via tempfile.mktemp() could enable local denial of service. The IBM/IBM Cloud Pak bulletin and GH advisories confirm the workaround: upgrade Transformers to 4.30.0 or newer.
CVE-2023-7018
Technical details about CVE-2023-7018 are not publicly disclosed in the provided documents. No affected products/versions or exploit information are included. Monitor for updates from the listed sources and corroborating advisories.
CVE-2023-6730
The CVE-2023-6730 issue affects the Hugging Face transformers library and is caused by deserialization of untrusted data in the package prior to version 4.36. Specifically, untrusted input could be deserialized during normal operation of transformers, leading to potential impact as described in t...
CVE-2025-2099
CVE-2025-2099 describes a ReDoS in huggingface/transformers v4.48.3 due to a nested-quantifier regex in preprocess_string() within transformers.testing_utils. The issue causes exponential backtracking on input with many newlines, leading to high CPU usage and potential DoS. Connected documents co...
CVE-2026-4372
CVE-2026-4372 affects HuggingFace transformers prior to 5.3.0. A malicious config.json can set _attn_implementation_internal to an attacker-controlled HuggingFace Hub repo ID. When a victim loads a model with AutoModelForCausalLM.from_pretrained(), the library downloads and executes arbitrary Pyt...
CVE-2026-1839
CVE-2026-1839 concerns the HuggingFace Transformers library, affecting the Trainer class. The root cause is an unsafe load in src/transformers/trainer.py: _load_rng_state() calls torch.load() without weights_only=True, which can allow arbitrary code execution when loading a malicious checkpoint (...
CVE-2026-5241
Technical details (affected products, versions, fixes, or exploit specifics) are not publicly available in the provided connected documents. Monitor for updates from vendors and security advisories.
CVE-2025-3933
CVE-2025-3933 (Hugging Face Transformers): A ReDoS vulnerability exists in the DonutProcessor.token2json() implementation where the regex pattern (and a similar pattern in later mention) can cause catastrophic backtracking and high CPU usage. Affected: Transformers versions 4.50.3 and earlier. Im...
CVE-2025-14921
CVE-2025-14921 affects Hugging Face Transformers (Transformer-XL) with a flaw in parsing Transformer-XL model files that fails to validate untrusted input, enabling deserialization of untrusted data and remote code execution. The underlying cause is insufficient validation during model-file parsi...
CVE-2025-3262
CVE-2025-3262 — Hugging Face Transformers ReDoS: In version 4.49.0 of the transformers repository, the regex in SETTING_RE within transformers/commands/chat.py enables exponential backtracking under crafted inputs, causing denial-of-service (DoS) risk. The issue is fixed in version 4.51.0. Remed...
CVE-2025-3264
CVE-2025-3264 (Hugging Face Transformers) is a ReDoS in get_imports() of dynamic_module_utils.py. The issue stems from a regex used to filter out Python try/except blocks: \s*try\s*:.*?except.*?:, which can cause catastrophic backtracking and excessive CPU usage. Affected versions are 4.49.0; fixed...
CVE-2025-14930
CVE-2025-14930 affects Hugging Face Transformers GLM4: the vulnerability is in the weight parsing/deserialization of untrusted data, allowing arbitrary code execution in the current user context when a user processes a malicious GLM4 model or file. Root cause: insufficient validation during pars...
CVE-2025-3263
CVE-2025-3263 in Hugging Face Transformers (get_configuration_file in transformers.configuration_utils) is a RegEx Denial of Service triggered by the pattern config.(.*).json. The issue affects v4.49.0 and is resolved in v4.51.0. Exploitation can cause high CPU usage, potentially disrupting model...
CVE-2025-6051
CVE-2025-6051 is a ReDoS in Hugging Face Transformers’ EnglishNormalizer.normalize_numbers(), affecting versions up to 4.52.4 and fixed in 4.53.0. The issue arises from numeric string handling, enabling crafted inputs with long digit sequences to cause excessive CPU usage, impacting text-to-speec...
CVE-2025-6638
CVE-2025-6638 affects Hugging Face Transformers, specifically MarianTokenizer.remove_language_code(). The vulnerability arises from inefficient regex processing that can be triggered by crafted input patterns, causing high CPU usage and potential DoS. Affected version: 4.52.4; fixed in 4.53.0. IB...
CVE-2025-14924
Summary: CVE-2025-14924 affects Hugging Face Transformers megatron_gpt2. The vulnerability arises during the parsing of checkpoints, where user-supplied data is not properly validated, allowing deserialization of untrusted data and resulting in arbitrary code execution in the current process. Imp...
CVE-2025-6921
CVE-2025-6921 affects the huggingface/transformers library prior to 4.53.0, causing a Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer via unsafe handling in _do_use_weight_decay of include_in_weight_decay/exclude_from_weight_decay. IBM Maximo Application Suite Monito...
CVE-2025-14926
Hugging Face Transformers SEW convert_config vulnerability (CVE-2025-14926) affects the Transformers library. The flaw is in convert_config: it does not validate a user-supplied string before using it to execute Python code, enabling arbitrary code execution in the attacker’s context when a malic...
CVE-2025-14920
CVE-2025-14920 affects Hugging Face Transformers Perceiver Model with a deserialization of untrusted data in model files, enabling arbitrary code execution in the context of the current user when a user opens a malicious model/file or visits a crafted page. Impact details align with multiple sour...
CVE-2025-14927
The CVE-2025-14927 issue affects Hugging Face Transformers SEW-D, specifically the convert_config function. The flaw results from insufficient validation of a user-supplied string before it is used to execute Python code, enabling arbitrary code execution in the caller’s context when converting a...
CVE-2025-14928
CVE-2025-14928 – Hugging Face Transformers HuBERT convert_config code execution. A flaw in convert_config fails to validate a user-supplied string before using it to execute Python code, enabling arbitrary code execution when processing a malicious HuBERT checkpoint. Affected product: Hugging Fa...
CVE-2025-14929
CVE-2025-14929 concerns Hugging Face Transformers (X-CLIP) checkpoint conversion. The vulnerability stems from improper validation during checkpoint parsing, enabling deserialization of untrusted data and resulting in remote code execution in the process that handles the file. Attacker interactio...