16 matches found
CVE-2024-11394
Summary of affected IBM products and CVEs (CVE-2024-11392 / 11393 / 11394) Multiple IBM security bulletins report that Hugging Face Transformers deserialization vulnerabilities may allow remote code execution (RCE) when user-supplied model files are deserialized without proper validation. The CVE...
CVE-2024-11393
CVE-2024-11393 (MaskFormer) is a deserialization-based remote code execution in Hugging Face Transformers. The issue arises from untrusted data in model file parsing, enabling code execution on the caller’s context after user interaction. Public advisories in connected IBM/IBM Cloud Pak for Data ...
CVE-2024-11392
CVE-2024-11392 is a deserialization-based remote code execution vulnerability in Hugging Face Transformers that IBM-related bulletins connect to. In the connected IBM advisories, exploitation pertains to multiple IBM products using Transformers components, notably: IBM Watson Speech Services Cart...
CVE-2024-12720
CVE-2024-12720 affects Hugging Face Transformers, in particular the file tokenization_nougat_fast.py within the post_process_single() function. The issue is a RegEx that can exhibit exponential backtracking, leading to high CPU usage and potential DoS under crafted input. Affected version cited: ...
CVE-2025-1194
CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer) The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...
CVE-2024-3568
The CVE-2024-3568 issue affects the Hugging Face Transformers library, where an unsafe deserialization in TFPreTrainedModel.load_repo_checkpoint() uses pickle.load() on data from untrusted sources, enabling remote code execution via a malicious checkpoint. Documented impact targets Transformers v...
CVE-2025-3777
CVE-2025-3777 : In Hugging Face Transformers, versions up to 4.49.0 are affected by improper input validation in image_utils.py due to insecure URL validation with startswith(), bypassable via URL username injection. Attackers could craft URLs that appear to be from YouTube but resolve to malicio...
CVE-2025-5197
The CVE-2025-5197 ReDoS vulnerability affects Hugging Face Transformers in the convert_tf_weight_name_to_pt_weight_name() function, where the regex /[^/]___([^/] )/ can cause excessive CPU usage via catastrophic backtracking. Affected versions: up to 4.51.3, with a fix in 4.53.0. Practical impact...
CVE-2023-2800
CVE-2023-2800 affects Hugging Face Transformers (prior to 4.30.0). Insecure temporary file creation via tempfile.mktemp() could enable local denial of service. The IBM/IBM Cloud Pak bulletin and GH advisories confirm the workaround: upgrade Transformers to 4.30.0 or newer.
CVE-2026-4372
CVE-2026-4372 affects HuggingFace transformers prior to 5.3.0. A malicious config.json can set _attn_implementation_internal to an attacker-controlled HuggingFace Hub repo ID. When a victim loads a model with AutoModelForCausalLM.from_pretrained(), the library downloads and executes arbitrary Pyt...
CVE-2023-7018
Technical details about CVE-2023-7018 are not publicly disclosed in the provided documents. No affected products/versions or exploit information are included. Monitor for updates from the listed sources and corroborating advisories.
CVE-2023-6730
The CVE-2023-6730 issue affects the Hugging Face transformers library and is caused by deserialization of untrusted data in the package prior to version 4.36. Specifically, untrusted input could be deserialized during normal operation of transformers, leading to potential impact as described in t...
CVE-2026-1839
CVE-2026-1839 concerns the HuggingFace Transformers library, affecting the Trainer class. The root cause is an unsafe load in src/transformers/trainer.py: _load_rng_state() calls torch.load() without weights_only=True, which can allow arbitrary code execution when loading a malicious checkpoint (...
CVE-2025-3933
CVE-2025-3933 (Hugging Face Transformers) A ReDoS vulnerability exists in the DonutProcessor.token2json() implementation where the regex pattern (and a similar pattern in later mention) can cause catastrophic backtracking and high CPU usage. Affected: Transformers versions 4.50.3 and earlier. Im...
CVE-2025-3262
CVE-2025-3262 — Hugging Face Transformers ReDoS : In version 4.49.0 of the transformers repository, the regex in SETTING_RE within transformers/commands/chat.py enables exponential backtracking under crafted inputs, causing denial-of-service (DoS) risk. The issue is fixed in version 4.51.0. Remed...
CVE-2025-6921
CVE-2025-6921 affects the huggingface/transformers library prior to 4.53.0, causing a Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer via unsafe handling in _do_use_weight_decay of include_in_weight_decay/exclude_from_weight_decay. IBM Maximo Application Suite Monito...