ZDI-CAN-27987 HIGH 7.8 Upcoming Feb 05, 2026

Hugging Face

Hugging Face is a well-known AI/machine learning platform that provides pretrained models and collaborative tools for developers. This high-severity vulnerability requires local access and user interaction but no authentication. A successful attack results in complete compromise of the affected system, with breaches of confidentiality, integrity, and availability. Security teams should monitor for Hugging Face product updates between now and the June 2026 deadline and assess whether their ML pipelines or development environments use affected versions.

Advisory Details
Researcher: Michael DePlante (@izobashi) of TrendAI Zero Day Initiative
Reported: February 05, 2026
Deadline: June 05, 2026 (50d)
CVSS Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
