ZDI-CAN-28055
CRITICAL 9.8
Overdue
Dec 12, 2025
Hugging Face
Hugging Face is a widely used AI/ML platform that hosts machine learning models and datasets and provides collaborative development tools for the AI community. This vulnerability is rated Critical (CVSS v3 base score 9.8). According to its vector it is reachable over the network (AV:N), low in attack complexity (AC:L), and requires neither privileges (PR:N) nor user interaction (UI:N); a successful exploit has a high impact on confidentiality, integrity, and availability (C:H/I:H/A:H) within the affected component's own security scope (S:U). This listing publishes no further technical detail, such as the affected component or versions. ZDI's disclosure deadline for the vendor was April 11, 2026 and has passed without a released fix (status: overdue). Security teams running Hugging Face software should watch for a vendor advisory and the public ZDI advisory, and apply the fix as soon as one is released.
Advisory Details
Researcher
Discovered by:
Muhammad Fadilullah Dzaki
Reported
December 12, 2025
Deadline
April 11, 2026
6d overdue
CVSS Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H