H

Huggingface Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Huggingface products.

8 known CVE vulnerabilities tracked

Critical
0
High
8
Medium
0
Low
0
None
0

Vulnerabilities By Year

8
2025

Products Affected

Transformers 8

All Huggingface CVEs

Recent Highest Score Oldest
CVE-2025-14930
7.8 high

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the ta

Transformers Dec 23, 2025
CVE-2025-14929
7.8 high

Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vuln

Transformers Dec 23, 2025
CVE-2025-14928
7.8 high

Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targ

Transformers Dec 23, 2025
CVE-2025-14927
7.8 high

Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe

Transformers Dec 23, 2025
CVE-2025-14926
7.8 high

Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target

Transformers Dec 23, 2025
CVE-2025-14924
7.8 high

Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in th

Transformers Dec 23, 2025
CVE-2025-14921
7.8 high

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerabilit

Transformers Dec 23, 2025
CVE-2025-14920
7.8 high

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in

Transformers Dec 23, 2025