Huggingface

All CVEs

26 total · sorted by risk
  • CVE-2026-25874 · Critical · Apr 23, 2026
    risk 0.57 · cvss 9.8 · epss 0.16

    LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads() is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated…

  • CVE-2026-5241 · Critical · Jun 3, 2026
    risk 0.55 · cvss 9.6 · epss 0.00

    A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code during model initialization. The issue arises because the `trust_remote_code` parameter, intended to prevent…

  • CVE-2025-14925 · High · Dec 23, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Accelerate. User interaction is required to exploit this vulnerability in…

  • CVE-2025-14922 · High · Dec 23, 2025
    risk 0.51 · cvss 7.8 · epss 0.00

    Hugging Face Diffusers CogView4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Diffusers. User interaction is required to exploit this…

  • CVE-2026-44827 · High · May 14, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when loading pipelines from Hugging Face Hub repositories. The _resolve_custom_pipeline_and_cls function in…

  • CVE-2026-44513 · High · May 14, 2026
    risk 0.50 · cvss 8.8 · epss 0.01

    Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite the user passing trust_remote_code=False (or omitting it, which is the default). The…

  • CVE-2025-9959 · High · Sep 3, 2025
    risk 0.49 · cvss 7.6 · epss 0.00

    Incomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents. The attack requires a Prompt Injection in order to trick the agent to create malicious code.

  • CVE-2026-4372 · High · May 24, 2026
    risk 0.44 · cvss 7.8 · epss 0.00

    A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious `config.json` file containing the `_attn_implementation_internal` field set to an…

  • CVE-2026-1839 · High · Apr 7, 2026
    risk 0.44 · cvss 7.8 · epss 0.00

    A vulnerability in the HuggingFace Transformers library, specifically in the `Trainer` class, allows for arbitrary code execution. The `_load_rng_state()` method in `src/transformers/trainer.py` at line 3059 calls `torch.load()` without the `weights_only=True` parameter. This…

  • CVE-2026-0599 · High · Feb 2, 2026
    risk 0.44 · cvss 7.5 · epss 0.24

    A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a…

  • CVE-2026-4963 · Medium · Mar 27, 2026
    risk 0.41 · cvss 6.3 · epss 0.01

    A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluate_augassign/evaluate_call/evaluate_with of the file src/smolagents/local_python_executor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code…

  • CVE-2026-2654 · Medium · Feb 18, 2026
    risk 0.41 · cvss 6.3 · epss 0.00

    A weakness has been identified in huggingface smolagents 1.24.0. Impacted is the function requests.get/requests.post of the component LocalPythonExecutor. Executing a manipulation can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit…

  • CVE-2025-10772 · Medium · Sep 22, 2025
    risk 0.41 · cvss 6.3 · epss 0.00

    A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability is an unknown functionality of the file lerobot/common/robot_devices/robots/lekiwi_remote.py of the component ZeroMQ Socket Handler. The manipulation leads to missing…

  • CVE-2026-45804 · High · May 20, 2026
    risk 0.38 · cvss n/a · epss 0.00

    Background: This vulnerability is found in the `diffusers` package - the `transformers`-equivalent library for diffusion models. It is found in the `DiffusionPipeline.from_pretrained` flow, which is used to load a pipeline from the HuggingFace Hub. This function has a…

  • CVE-2024-3924 · Medium · May 30, 2024
    risk 0.22 · cvss 4.4 · epss 0.00

    A code injection vulnerability exists in the huggingface/text-generation-inference repository, specifically within the `autodocs.yml` workflow file. The vulnerability arises from the insecure handling of the `github.head_ref` user input, which is used to dynamically construct a…

  • CVE-2024-11392 · Nov 22, 2024
    risk 0.01 · cvss n/a · epss 0.07

    Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this…

  • CVE-2025-14930 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this…

  • CVE-2025-14928 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this…

  • CVE-2025-14924 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit…

  • CVE-2025-14920 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit…

  • CVE-2025-14926 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this…

  • CVE-2025-14927 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this…

  • CVE-2025-14921 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to…

  • CVE-2025-14929 · Dec 23, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required…

  • CVE-2024-11394 · Nov 22, 2024
    risk 0.00 · cvss n/a · epss 0.02

    Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this…

  • CVE-2024-11393 · Nov 22, 2024
    risk 0.00 · cvss n/a · epss 0.03

    Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit…