Huggingface Transformers

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-1839 MEDIUM PATCH GHSA This Month

Remote code execution in HuggingFace Transformers library allows arbitrary code execution via malicious checkpoint files. The `_load_rng_state()` method in the `Trainer` class calls `torch.load()` without the `weights_only=True` parameter, enabling deserialization attacks when PyTorch versions below 2.6 are used with torch>=2.2. An attacker can craft a malicious `rng_state.pth` checkpoint file that executes arbitrary code when loaded by an application using affected Transformers versions. The fix is available in version v5.0.0rc3, and no public exploit has been independently confirmed at time of analysis.

Hugging Face Pytorch Python AI / ML RCE +2
NVD GitHub
CVSS 3.0
6.5
EPSS
0.0%
CVE-2026-1839
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Remote code execution in HuggingFace Transformers library allows arbitrary code execution via malicious checkpoint files. The `_load_rng_state()` method in the `Trainer` class calls `torch.load()` without the `weights_only=True` parameter, enabling deserialization attacks when PyTorch versions below 2.6 are used with torch>=2.2. An attacker can craft a malicious `rng_state.pth` checkpoint file that executes arbitrary code when loaded by an application using affected Transformers versions. The fix is available in version v5.0.0rc3, and no public exploit has been independently confirmed at time of analysis.

Hugging Face Pytorch Python +4
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy