Vulnerabilities in huggingface
28 resultsCVE-2025-5197MEDIUMRegular Expression Denial of Service (ReDoS) in huggingface/transformersEPSS 0.4%CVE-2026-1839MEDIUMArbitrary Code Execution via Unsafe torch.load() in Trainer Checkpoint Loading in huggingface/transformersEPSS 0.3%CVE-2025-6051MEDIUMRegular Expression Denial of Service (ReDoS) in huggingface/transformersEPSS 0.3%CVE-2025-3777LOWImproper Input Validation in huggingface/transformersEPSS 0.3%CVE-2024-3924MEDIUMCode Injection in huggingface/text-generation-inferenceEPSS 0.3%CVE-2025-10772MEDIUMhuggingface LeRobot ZeroMQ Socket lekiwi_remote.py missing authenticationEPSS 0.3%CVE-2023-2800MEDIUMInsecure Temporary File in huggingface/transformersEPSS 0.3%CVE-2025-11844MEDIUMXPath Injection in Hugging Face Smolagents search_item_ctrl_f FunctionEPSS 0.3%