Vulnerable Library - transformers-4.57.6-py3-none-any.whl
State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow
Library home page: https://files.pythonhosted.org/packages/03/b8/e484ef633af3887baeeb4b6ad12743363af7cce68ae51e938e00aaa0529d/transformers-4.57.6-py3-none-any.whl
Path to dependency file: /ai/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/11/transformers-4.57.6-py3-none-any.whl,/tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/9/transformers-4.57.6-py3-none-any.whl
Vulnerabilities
In some cases, a remediation PR cannot be created automatically for a vulnerability despite the availability of remediation.
Details
CVE-2025-14920
Dependency Hierarchy:
- ❌ transformers-4.57.6-py3-none-any.whl (Vulnerable Library)
Found in base branch: main
Vulnerability Details
Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25423.
Publish Date: 2025-12-23
URL: CVE-2025-14920
CVSS 3 Score Details (7.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
CVE-2026-1839
Dependency Hierarchy:
- ❌ transformers-4.57.6-py3-none-any.whl (Vulnerable Library)
Found in base branch: main
Vulnerability Details
A vulnerability in the HuggingFace Transformers library, specifically in the "Trainer" class, allows for arbitrary code execution. The "_load_rng_state()" method in "src/transformers/trainer.py" at line 3059 calls "torch.load()" without the "weights_only=True" parameter. This issue affects all versions of the library supporting "torch>=2.2" when used with PyTorch versions below 2.6, as the "safe_globals()" context manager provides no protection in these versions. An attacker can exploit this vulnerability by supplying a malicious checkpoint file, such as "rng_state.pth", which can execute arbitrary code when loaded. The issue is resolved in version v5.0.0rc3.
Publish Date: 2026-04-07
URL: CVE-2026-1839
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: Low
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Release Date: 2026-04-07
Fix Resolution: https://github.com/huggingface/transformers.git - v5.0.0rc3,transformers - 5.0.0rc3